Encryption can provide strong security for data at rest, but developing a database encryption strategy must take many factors into consideration. Encryption at the database level, versus application level and file level has proved to be the ideal method to protect sensitive data and deliver performance.

Organizations must balance between the requirement for security and the desire for excellent performance. Packaged database encryption solutions have proven to be the best alternative to protect sensitive data. There is a multitude of techniques and alternative topologies for encryption at the database level. In real-world scenarios, are complex issues and experts should be used who understand all available options and the impact for each particular customer environment.

Database-layer encryption protects the data within the DBMS and also protects against a wide range of threats, including storage media theft, well known storage attacks, database-layer attacks, and malicious DBAs. Deployment at the column level within a database table, coupled with access controls will prevent theft of critical data.