Secure Sockets Layer (SSL) Encryption

Development

Ease of Development

Reliance on non-standard encryption mechanisms complicates development and impedes later changes.

As an industry standard, SSL encryption relies on established development libraries available on all commonly used IT architectures. It simplifies your implementation processes, minimizes development complexity, and reduces the long-term risks of non-adaptability.

Network Security

Router Vulnerabilities

Data packets travel between drivers and databases via one or more routers, which may be configured to "read" data packets passing through them, allowing a user to log and exploit the information.

Enabling SSL encryption ensures that any data exchanged between a driver and database is encrypted. This in turn ensures that — even if intercepted — captured data will be unreadable and impossible to modify in any intelligible manner.

Packet Sniffing

Sophisticated freeware can be used to log data packets passing over a network, putting transmitted data at risk of being captured and logged.

SQL Injection

Where data packets have been captured by a hacker, SQL statements they contain can be modified to return more information than intended from a data source — for instance, to return from an HR database information about all employees instead of just one.

Database Access Security

Credential Vulnerability

Packet sniffing commonly targets database access credentials — i.e., usernames and passwords used to access a database. Credentials transmitted in clear text or via weak encryption leave themselves vulnerable to being captured and used maliciously.

Using SSL encryption ensures that any database credentials sent by a driver to a database will be encrypted and thus useless to unauthorized users. Better yet, Kerberos can be used to entirely eliminate the transmission of credentials.