Regarding GDPR, OutSystems and Encrypt DataBases... How are you doing?

Hey guys,

I'm wondering how different customers are treating GDPR when using OutSystems.


For the ones that are not aware yet, GDPR (General Data Protection Regulation) is a regulation created in Europe to protect personal data. (You can learn more about it here)

A lot of other countries have nowadays also created their own regulations, sometimes with different directives from the ones in Europe, but always aiming to protect the personal data of individuals, such as users of a web application.


I would like to know how you guys are addressing this matter.

Especially when we talk about encryption of databases.


For example, one of the directives, at least in my country, asks to encrypt data in the production environment in a way that a DBA would not be able to view it.

So, when storing a personal email for example, if the DBA queries the data, it would look like some hash.


There are lots of ways of doing it.

One of them is encrypting data on the application side, before sending it to the database, and when querying the data, decrypting it again on the application side.

However, this type of application-side encryption would lead us to change the code of already developed applications.

To prevent that, I'm looking for some tool or functionality that will enable me to do it on the database side.


In SQL, for instance, we have the Always Encrypted functionality, but it is not supported by OutSystems, according to OutSystems Support.


I'm also aware of the TDE (Transparent Data Encryption) functionality of SQL; however, this function would not prevent DBAs or DB users from consulting the data, since it encrypts the whole DB and not a single column.


If any of you guys have already spent some time on how to address it in an easy and fashionable way when using OutSystems, and have some tips or tricks that could help, please let me know.


Thank you all,

Regards, 

RR :)
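
An added example, not part of the original post and not OutSystems code, of the application-side approach described above: each personal value is encrypted with AES-256-GCM before it reaches the database, so a query run by a DBA returns only ciphertext, and a keyed HMAC column keeps exact-match lookups possible. It uses Node.js's built-in `crypto` module; the column names, the `v1.` storage format, the in-process keys and the sample address are assumptions made for the illustration.

```javascript
// Added illustration (constructed names and values): application-side field
// encryption, so the database only ever stores ciphertext.
const nodeCrypto = require('node:crypto');

// Assumption: real keys come from a vault/KMS the DBA cannot read. Random keys
// are generated here only so the example runs offline.
const ENC_KEY = nodeCrypto.randomBytes(32); // AES-256-GCM data key
const IDX_KEY = nodeCrypto.randomBytes(32); // separate key for the lookup index

// `column` (e.g. "User.Email") is bound as associated data, so a ciphertext
// copied into a different column fails authentication on decrypt.
function encryptField(plaintext, column, key = ENC_KEY) {
  const nonce = nodeCrypto.randomBytes(12); // fresh nonce for every value
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, nonce);
  cipher.setAAD(Buffer.from(column, 'utf8'));
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  // Stored format: "v1." + base64(nonce || tag || ciphertext)
  return 'v1.' + Buffer.concat([nonce, cipher.getAuthTag(), body]).toString('base64');
}

function decryptField(stored, column, key = ENC_KEY) {
  const [version, b64] = stored.split('.');
  if (version !== 'v1' || !b64) throw new Error('unknown ciphertext format');
  const raw = Buffer.from(b64, 'base64');
  if (raw.length < 28) throw new Error('ciphertext too short');
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, raw.subarray(0, 12));
  decipher.setAAD(Buffer.from(column, 'utf8'));
  decipher.setAuthTag(raw.subarray(12, 28));
  // final() throws if the value, the column label or the key does not match
  const plain = Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]);
  return plain.toString('utf8');
}

// Random nonces make equal emails encrypt differently, so an equality filter on
// the encrypted column stops working. A keyed HMAC of the normalised value,
// stored in a second column, restores exact-match lookups.
function lookupIndex(value, key = IDX_KEY) {
  const normalised = value.trim().toLowerCase();
  return nodeCrypto.createHmac('sha256', key).update(normalised, 'utf8').digest('hex');
}

// The two values the application would write for one user row.
function toRow(email) {
  return { Email_Enc: encryptField(email, 'User.Email'), Email_Idx: lookupIndex(email) };
}

const sample = toRow('alice@example.com'); // constructed sample address
console.log(sample); // what a query run by the DBA returns
console.log(decryptField(sample.Email_Enc, 'User.Email')); // application view
```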






Hey guys,

Does anyone have experiences to share?

Hey guys,

Does anyone have news about it?
