Reason: We have a new client that wishes for the database containing all their info to be stored on their own personal database server. However, the web server will be located at another location.

Question: How can you secure the data from the time it is inputted until the time an external database saves it?

Through some reading it seems that SSL will only cover so much and that some sort of a secure connection must be set up between the two. Or does the SSL cover this connection as well? It somewhat seems that it should.

+1  A: 

SSL provides a reasonable solution to transport security (keeping the data safe from prying eyes as it goes over the wire).

Lock down the endpoints between the two systems as far as practical. For example, in addition to encryption, our firewall blocks physical access to the database except from well-known IP addresses.

You still need to ensure that your web server is secure (since the data is available unencrypted there), and that their database server is secure (including encryption of sensitive data when stored in database tables).

Eric J.
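
As an added illustration of the answer above (not part of the original post): the TLS session between the browser and the web server ends at the web server, so the hop from the web server to the remote database needs its own verified TLS connection, plus the source-IP restriction the answer mentions. The sketch below uses only Python's standard library; the function names and the sample addresses are constructed for this example.

```python
import ipaddress
import ssl

# Constructed sample: the web server's address as the database firewall would list it.
ALLOWED_SOURCES = ["203.0.113.10/32"]


def hardened_db_context(ca_file=None):
    """TLS client context for the web-server-to-database hop."""
    ctx = ssl.create_default_context(cafile=ca_file)  # system trust store if None
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.check_hostname = True            # certificate must match the DB host name
    ctx.verify_mode = ssl.CERT_REQUIRED  # certificate must chain to a trusted CA
    return ctx


def weak_db_context():
    """Still encrypts, but accepts any certificate, so the peer is unauthenticated."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx):
    """Return a list of transport-security findings for a client context."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate is not verified")
    if not ctx.check_hostname:
        findings.append("hostname is not checked")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocols older than TLS 1.2 are allowed")
    return findings


def source_allowed(ip, allowlist=ALLOWED_SOURCES):
    """Mirror of the firewall rule: only well-known source addresses may connect."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(net) for net in allowlist)


if __name__ == "__main__":
    print(audit_context(weak_db_context()))
    print(audit_context(hardened_db_context()))
    print(source_allowed("203.0.113.10"), source_allowed("198.51.100.7"))
```

Most database client libraries accept a context like this or equivalent options (CA file, verify mode, minimum protocol version); the exact parameter names depend on the driver in use.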