Jackson K T asked:
Could you suggest something practical on this issue?
Yes and no.
Yes, because you probably strongly underestimate the modern security-related technology; that's why you discussed so very naive suggestion someone gave you. (It's so good that you took it with some critical thinking and asked your question.) From that standpoint, it's possible to greatly improve your awareness, which could potentially result in a very reasonable solution.
No, because each security schema has its cost. And I don't know neither your potential vulnerabilities no the price you are ready to pay.
So, what to do? Let me give you some idea, just for example. First of all, you can use some authentication with strong passwords, so only the authorized users would get access to one or another part of the database, read-write or read-only, on different levels. But I don't believe that database servers are well equipped in this respect. It's very usual approach to hide a database in a separate tier completely closed from any direct access by any human operator, except some people connected directly to the host of the database server. A separate tier can provide access to the database through its own API and secure transport. For simplification of out discussion, let's assume that this tier is a Web application/site/service, then yet another tier would be just the browser.
Let's see. On the Web tier, you can introduce as strong authentication as possible. Passwords are not stored anywhere, because it is never needed, because you can use
cryptographic hash function of the password, store only the hash and compare hash with hash for authentication. The authentication itself could be eavesdropped on the network, but this is prevented by using HTTPS and SSL, instead of HTTP. Also, there is such thing as two-side certificates, both server and client-side. If your organization is so small that you can hand and receive the certificate files in personal contact with each co-worked, you can even use self-signed certificate, including even the certificate needed for SSL.
Finally, it does not have to be exposed to Internet. Network technologies allows us to limit all the operations physically to some narrower network, so, for example, it could be accessible only from some office, and still use all the Web technologies (which is sometimes referred as to
Intranet). But even this would be an overkill — many serious organizations do trust Internet. Don't look too seriously at those cases when important government offices got leaks. They probably use a lot of legacy and their systems might be overly complicated. If you do it all from scratch using only the modern technology, the risk is way lower.
This is only the example of the approach. You probably need to understand some detail. Please see:
http://en.wikipedia.org/wiki/HTTP_Secure[
^],
http://en.wikipedia.org/wiki/Transport_Layer_Security[
^],
http://en.wikipedia.org/wiki/Public-key_cryptography[
^],
http://en.wikipedia.org/wiki/Public_key_infrastructure[
^],
http://en.wikipedia.org/wiki/Certificate_authority[
^],
http://en.wikipedia.org/wiki/Cryptographic_hash_function[
^].
See also some of my past answers:
i already encrypt my password but when i log in it gives me an error. how can decrypte it[
^],
Decryption of Encrypted Password[
^],
storing password value int sql server with secure way[
^].
—SA