: Should I store address in encrypted form? What are the general rules relating to address fields and others. I only store password in encrypted form, the rest are not. Email is also used during
What are the general rules relating to address fields and others. I only store password in encrypted form, the rest are not. Email is also used during login. Can someone give me a suggestion related to
email
address
city
zip codes
and others you may thing of. I am the only admin at this point and no one else is viewing any record. What should be standard?
As a side question, should I store address no matter what (or optional) since the website is about buying stuff?
More posts by @Mendez628
2 Comments
Sorted by latest first Latest Oldest Best
Assuming you're dealing with the US, addresses are fairly public. The only real privacy concern is matching addresses to individuals -- and I don't think that an email address alone (at least, from what you've shared with us of your schema) is enough to present that risk. I work for SmartyStreets where we handle a lot of address data (standardizing, verifying, etc).
Consequently, we maintain a database that stores millions of official USPS-supplied address records. We take privacy seriously. I don't think, though, that there's a need in your case to actually encrypt all of those fields. As Jason said, if you later wanted to query that data for a search, performance will probably nosedive unless it's done right.
By the way, if you're collecting addresses (especially for a customer database), you will want to verify that they are correct; I suggest a service like LiveAddress. There's also services to process existing databases for you.
I would not encrypt any of that data from the application, which is what I expect you are talking about. Encrypting data like that slows things down and makes some tasks very difficult (like doing a query to search or sort on any of hat data).
Instead I would look at encrypting at the database level. Let the DBMS handle the encryption so that your application can be free to do what it needs to do, but if the DB is compromised, then the data is safe.
NOTE: This would NOT prevent someone from exploiting a SQL injection attack to get unencrypted data. Keep that in mind, but if you write your SQL properly, that should not be a problem.
I cannot answer your question about whether or not address should be required. I would think that if you are doing online commerce that you would need it (most CC providers would require it for verification processes, I think). I suppose you could make it optional until they purchase something.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.