2 Replies Latest reply on Jan 19, 2016 10:55 AM by wimdecorte

    Why use encryption at rest?

    AlanBrooks

      I understand the philosophy and importance of encrypting the data in a database while at rest.


      It seems like, at one time, Filemaker database files stored the data on the hard disk in clear text but after reading about EAR, as a test, I created a database with a single record and one field, opened that database with a text editor and found no instance of the data entered in the record.  This was done with FMP 14.

       

      According to documentation, EAR (Encryption at Rest) is disabled by default in a FileMaker Pro file and must be implicitly enabled using FileMaker Pro Advanced.

       

      Isn't the data encrypted in a default FM14 file?  Does EAR provide further encryption?


      Thanks

        • 1. Re: Why use encryption at rest?
          coherentkris

          EAR provides another level of data security by encrypting the data on disk and locking it with a set of credentials.

          This is designed to prevent unauthorized access to an .fmp12 file or files should someone gain access to them.

          If you encrypted a file with EAR and I was able to hack your system and gain access to the .fmp12 file I would need to figure out how to get past the account/privilege set security settings AND the encryption credentials to gain access to the data in your file.

          • 2. Re: Why use encryption at rest?
            wimdecorte

            AlanBrooks wrote:

             

            Isn't the data encrypted in a default FM14 file?  Does EAR provide further encryption?

             

             

            No, it's more "hashed" than anything, but it is not encryption where you control the key.

             

            There are many good reasons to use EAR and it's all about protecting both the data and the intellectual property.

             

            Also note that the commercially available password hackers do not work on a file that has EAR enabled...