Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

Understanding Security Expand / Collapse
Author
Message
Posted Tuesday, June 14, 2011 9:16 PM


SSC-Dedicated

SSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-Dedicated

Group: Administrators
Last Login: Today @ 10:12 AM
Points: 31,210, Visits: 15,651
Comments posted to this topic are about the item Understanding Security






Follow me on Twitter: @way0utwest

Forum Etiquette: How to post data/code on a forum to get the best help
Post #1125428
Posted Wednesday, June 15, 2011 5:33 AM


SSCertifiable

SSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiable

Group: General Forum Members
Last Login: 2 days ago @ 8:09 AM
Points: 6,735, Visits: 8,495
The picture use used in the editorial reminded me of the good old ROT13 solution on thread http://www.sqlservercentral.com/Forums/Topic579917-338-1.aspx some years ago.

Johan


Don't drive faster than your guardian angel can fly ...
but keeping both feet on the ground won't get you anywhere

- How to post Performance Problems
- How to post data/code to get the best help


- How to prevent a sore throat after hours of presenting ppt ?


"press F1 for solution", "press shift+F1 for urgent solution"


Need a bit of Powershell? How about this

Who am I ? Sometimes this is me but most of the time this is me
Post #1125608
Posted Wednesday, June 15, 2011 8:44 AM


Ten Centuries

Ten CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen Centuries

Group: General Forum Members
Last Login: Thursday, August 21, 2014 1:54 PM
Points: 1,430, Visits: 3,229
SQL servers implementation is pretty good although it has no real turn-key management solution (yes, it provides some infastructure) and the exact encryption result can not be reproduced external to the server.

Key management is by far the most important element of security involving encryption and it requires serious thought and planning to come up with an optimal solution. For maximum security key management should be a roll your own approach.




The probability of survival is inversely proportional to the angle of arrival.
Post #1125775
Posted Wednesday, June 15, 2011 11:54 AM
SSC Eights!

SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!

Group: General Forum Members
Last Login: Yesterday @ 3:44 PM
Points: 868, Visits: 1,128
In my last job doing public sector consulting, I saw a lot of our customers mandating encryption at rest for all databases without being able to even articulate the tradeoffs and risks, and without also mandating any sort of key management strategy. I saw this on RFC's for different departments in different states. It's clearly become a checklist item. But the incomplete understanding is scary. I guess somebody is going to have to lose access to something big due to an external attacker getting access to a keyserver or to a disgruntled admin to make people understand the risks.
Post #1125963
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse