Rails - Heroku - Postgres - Not Storing Sensitive Content in Clear Text

What'开发者_运维问答s the right way to handle sensitive content in rails3/heroku/postgres database.

Why kind of encryption. How to implement? what to use to implement?

Thank you

this SO Article discusses some encryption/decryption options that you could look into. without knowing too much about your application, I would say look there first and see if you can find anything that fits the bill. As a big side note, whatever protection method you choose, be sure not to forget to add filters to your application.rb file, or else you may find your unencrypted data appearing in the log files. to do this you would need to simply add something like in application.rb:

config.filter_parameters += [:password, :YOUR_FILTERED_PARAM]