April 20th, 2015

Can your web and PDF forms save to an Encrypted Database?

Many web form processing systems allow you to save the form posts in a database.  However, for security and compliance reasons, that is not really very secure.  Of course, if your form processing and the database are in a secure, compliant environment (e.g. a HIPAA-compliant dedicated server), then the situation is better and it may be OK to have your form data saved unencrypted in your database.

However, as the person doing your compliance risk analysis will tell you, it is always better to have data encrypted at rest if you have a choice.  That greatly reduces your risk of breach / compromise.  The problem is: these web form processing systems and plugins will not encrypt your data for you and it is not easy to get a database that is itself fully encrypted.

So — what can you do to lock down your data?

LuxSci SecureForm with MySQL Data Encryption

LuxSci’s SecureForm service allows you to to do all kinds of things with your posted form data, including saving that data (and files) to a MySQL database.  SecureForm will also, if desired, encrypt all of  your posted web and PDF form data  in your MySQL database using AES encryption.

With SecureForm MySQL data encryption, your level of risk is greatly reduced because:

  1. All form data posted will be encrypted at rest
  2. All posted/uploaded files will be encrypted at rest
  3. The encryption key is fully secured and not saved anywhere on your database server or on your web site hosting server itself.

You can still easily access your form data:

  1. LuxSci provides a web interface for viewing the form post data saved to your database.  This system audits your access to the data, restricts access to the specific user or users that you choose, and works seamlessly with encrypted and non-encrypted SecureForm data.
  2. You can connect to your MySQL database directly and use the native MySQL AES_DECRYPT command, together with your encryption key, to decrypt and access all of your encrypted form data.

You have encryption at rest without any loss of usability or access.

How does the encryption work?

When you enable MySQL data encryption for your SecureForm posts (which you can do any time in the”To Database” SecureForm configuration tab):

  1. A complex, random encryption key is generated.  This key is generated to be unique to each SecureForm configuration.
  2. The encryption key is itself encrypted and stored in a secured separate database on a separate server.
  3. The SecureForm system has the ability to access this database, decrypt the key and use it to save new posts to your database, decrypt posts so deliver data to you, and to present you with the key so you can access the data yourself.
  4. When SecureForm receives a form post, instead of saving the raw data (and files) in your database, it instead uses the native-MySQL “AES_ENCRYPT” command, together with your encryption key, to separately encrypt each form field and chunk of file data.
  5. When you wish to access the data in your database, you can use the native MySQL AES_DECRYPT command, together with your encryption key.
  6. LuxSci support staff does not have access to these encryption keys, unless you permit them access to your account.  Only senior operations staff technically has access to them.

This is pretty simple.  The key points are that:

  • Every piece of submitted data is encrypted at rest
  • The password to encrypt the data is secured and not available on any of your hosted servers for an attacker to grab.  E.g. even if an attacker broken into your web server and stole ALL of the data and scripts, that attacker would not be able to decrypt your encrypted form data.
  • Every SecureForm can use a different encryption key … so if somehow you let your encryption key “leak,” that does not endanger any data encrypted by any other SecureForm configuration (in your account or any account).

What else can you do? SecureForm MySQL encryption also supports:

  1. Changing your encryption key on demand
  2. Encrypting unencrypted form posts.  E.g. if you have been using SecureForm without encryption, you can turn it on and then have SecureForm automatically encrypt all of your existing form posts so everything is encrypted.

Give it a try — use a LuxSci Free Trial Account

Already have an account? Enable SecureForm MySQL encryption in your SecureForm “To Database” configuration tab.

Leave a Comment

You must be connected or logged in to post a comment. This is to reduce spam comments.

If you have not previously commented, you can connect using existing social media account, or register with a new username and password.