If you're storing HIPAA data and/or PII then just make sure it's encrypted
at rest. We just did this at my workplace by using full disk encryption on
the disk which stores the DB files.
That may not be the best solution, but it appears to work well enough.
--
True. In our environment we have other layers to deal with network security
which covers us for encryption of data as it's transmitted, and you
definitely should do that, but that's not something a DBA would normally be
concerned with.
And given that he said that the machine may be standalone, I
On the topic of 'natural' versus 'synthetic' primary keys, I am generally
in the camp that an extra ID field won't cost you too much, and while one
may not need it for a simple table (i.e. id, name) one might add any number
of columns later, and you'll be glad to have it.
I am, however, against us