Dear Team,
As per our business requirement we have to encrypt customer phone number in the database and we are planning to implement AES method.We are in need of guidance on how to achieve it.
Need Help In Encrypting Database
Moderators: gerski, enjay, williamconley, Op3r, Staydog, gardo, mflorell, MJCoate, mcargile, Kumba, Michael_N
4 posts
• Page 1 of 1
Need Help In Encrypting Database
by sunnymannava » Tue Sep 29, 2015 12:22 am
Vicibox Standard 6.0 | 2 SQL Server. 12 Cores. 16 gig Ram. 8 146 gig HD Raid 10 | 3 Web Servers. 12 Cores. 16 gig Ram. 2 73 gig HD Raid 0 | 3 Telephony Servers VERSION: 2.10-452a | VERSION: 2.12-491a-BUILD: 150610-0934
- sunnymannava
- Posts: 9
- Joined: Fri May 21, 2010 9:46 am
Re: Need Help In Encrypting Database
by mflorell » Tue Sep 29, 2015 7:42 am
I have never heard of encrypting the phone number as a requirement. What is the reason for that?
The phone number appears all over the place, from the Asterisk logs, to the vicidial logs, to the SIP messages that go out when calls are placed, and none of those can be encrypted.
The phone number appears all over the place, from the Asterisk logs, to the vicidial logs, to the SIP messages that go out when calls are placed, and none of those can be encrypted.
- mflorell
- Site Admin
- Posts: 18387
- Joined: Wed Jun 07, 2006 2:45 pm
- Location: Florida
Re: Need Help In Encrypting Database
by sunnymannava » Wed Sep 30, 2015 7:36 am
Hello Matt,
Thanks for the quick response. In our business we treat phone numbers as assets and whoever has them they can try reaching the customer outside the system and get the payment. In our existing system we have put certain check in the places so that no one can see the numbers. In our new vicidial setup too, we've removed the phone numbers being exposed to naked eyes. In our logs too we are thinking of encrypting them so that no one can read the numbers. Moreover we'll purge the logs periodically. Have you come across someone who has done it? or you can give us some pointers about how to proceed?
Thanks!
Thanks for the quick response. In our business we treat phone numbers as assets and whoever has them they can try reaching the customer outside the system and get the payment. In our existing system we have put certain check in the places so that no one can see the numbers. In our new vicidial setup too, we've removed the phone numbers being exposed to naked eyes. In our logs too we are thinking of encrypting them so that no one can read the numbers. Moreover we'll purge the logs periodically. Have you come across someone who has done it? or you can give us some pointers about how to proceed?
Thanks!
Vicibox Standard 6.0 | 2 SQL Server. 12 Cores. 16 gig Ram. 8 146 gig HD Raid 10 | 3 Web Servers. 12 Cores. 16 gig Ram. 2 73 gig HD Raid 0 | 3 Telephony Servers VERSION: 2.10-452a | VERSION: 2.12-491a-BUILD: 150610-0934
- sunnymannava
- Posts: 9
- Joined: Fri May 21, 2010 9:46 am
Re: Need Help In Encrypting Database
by mflorell » Wed Sep 30, 2015 12:40 pm
For the phone number field we have never done any more than just hiding it from the agent screen and obscuring digits within certain admin pages and reports. Encryption of that field across the board would result in all kinds of issues.
- mflorell
- Site Admin
- Posts: 18387
- Joined: Wed Jun 07, 2006 2:45 pm
- Location: Florida
4 posts
• Page 1 of 1
Who is online
Users browsing this forum: Bing [Bot], Google [Bot] and 98 guests