SQL Server encrypting data

I have been asked to produce a system that is the middle point in a bunch of systems that handles payments to a small g开发者_运维知识库roup or people. For it I will be required to store the peoples bank details.

What is a good way of encrypting this data to be stored within the database and then decrypt the data when required to pass onto the next system?

For this project I need to use Microsoft SQL Server.

If you're using SQL Server 2008 the you can use the built in transparent data encryption (TDE). Check out and see if it fits the bill.

I encrypt the values at application level along with an encryption key, and then pass this encrypted value to SQL Server.

When decrypting I pass the encrypted values to the application, and decrypt before using them within the application.

I prefer this method as it keeps the encryption method seperate from SQL Server.

Otherwise, if a user was to hack into your SQL Server, including your encrypted values, and you were using a T-SQL User Defined Function, they would have the ability to decrypt the values, making the encryption worthless.