Hello all,
in my company, we have a database that contains all passwords to servers,
apps,... you name it.
It sits on a network drive with very limited NTFS permissions, and it's
encrypted (PHP).
They way we do it now is this:
We decrypt the database (it's only to be decrypted by the secadmins (3)
private keys) we read it, and then we remove the decrypted copy.
Needles to say that even secadmins forget to remove the decrypted copy every
now and then.
Is there a way to decrypt it on the fly, so that no copy is stored on the
disk (I guess only in RAM) that provides the same possibility to limit
access to certain private keys.
Would that maybe involve writing an interface to do the job (eg a php page
that can run a query on the database) or is there an off-the-shelf solution
to this.
I'd be pleased to hear your ideas about this.
Kind regards,
Joost De Cock
ASTRID NV
Security Administrator
**********************************************************************
The information in this mail is confidential and is intended solely
for the addressee(s).
Access to this email by anyone else is unauthorised. If you are not
an intended recipient, you must not read, use or disseminate the
information contained in the email.
**********************************************************************
