Low level data encryption at rest is best achieved with hardware. The major 
server vendors provide RAID controllers that look after this for you on the 
fly. This way the data is always encrypted on the hard drives. That way if 
someone steals the server computer they need that RAID controller in it, and 
know the Windows Admin password to get access to the data. Therefore someone 
cannot take the hard drives only and get the data.

I suspect that is what they are after, but as I have learned with government 
specifications you have to read them, and get their interpretation on them. 

Jody


> On Feb 11, 2018, at 5:24 AM, Paul Lovejoy via 4D_Tech <4d_tech@lists.4d.com> 
> wrote:
> 
> Hi everyone,
> 
> Some of you doing business in Europe may be aware of the new set of rules 
> which will took effect on May 25 2016 and must be applied by May 25 2017. II 
> was asked to assess the impact on a big database we manage in 4D and I was 
> wondering if anyone else has spent time and effort on this question. Just 
> understanding all the legalistic text in these rules would probably require a 
> team of lawyers and consultants: 
> http://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX%3A32016R0679
> 
> Things such as protection against data breaches, data encryption, data 
> portability etc. are raised by this new set of rules. In particular, I was 
> thinking about low-level data encryption and whether there is any way to 
> implement this in 4D and still provide a usable interface and good 
> performance.
> 
> Any thoughts are welcome.
> 
> 
> Cheers,
> 
> 
> Paul

**********************************************************************
4D Internet Users Group (4D iNUG)
FAQ:  http://lists.4d.com/faqnug.html
Archive:  http://lists.4d.com/archives.html
Options: http://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**********************************************************************

Reply via email to