Implementing PII Encryption with PDX Serialization
After many publicized security breaches, many firms are scrambling to add encryption for Personally Identifiable Information (PII) data to their applications. In this session we'll describe an implementation of PII encryption for Geode applications via use of custom PDX Serialization. This approach encrypts PII on the Geode Client with no or minimal changes to existing application logic, while covering all Three key vulnerabilities: On Disk, In Memory, and on-the-network. The presentation will include discussion of how this approach to PII encryption impacts data search patterns such as key-based lookups and OQL queries. During the second part of the presentation, we'll describe how to implement this solution on existing production systems with an incremental, zero-downtime migration approach, and considering aspects such WAN Gateway Replication and contention between live traffic and initial encryption work.