On 6 February 2015 at 14:22, Tom Brennan <[email protected]> wrote: > Maybe someone can tell me what difference it makes whether the data was > encrypted on disk or not (as some news reports are talking about). I mean, > if I do a SELECT * from an admin id I must be going through the decrypt > process, right? So it makes little difference if the source data is > encrypted I would think.
It depends on how the data is leaked, or "exfiltrated" to use a word we've heard rather too much of lately. If it's through the intended app or user interface to which the attacker has obtained credentials, then yes, it's probably all nicely decrypted and ready to go. But presumably any such app has controls on who can look at what data, and probably who -- even if authorized -- can look at how *much* data. Otoh, if the data is leaked from e.g. a backup file or captured in transit, then encryption will probably keep it from being useful. Tony H. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
