Click here to monitor SSC
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in
Home       Members    Calendar    Who's On

Add to briefcase

Security Expand / Collapse
Posted Tuesday, September 2, 2014 6:14 PM
Ten Centuries

Ten CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen Centuries

Group: General Forum Members
Last Login: Friday, December 2, 2016 5:06 PM
Points: 1,246, Visits: 2,035

My company people are using TDE. They want to secure the data even they don't want the DBA can see the data. How can we achieve this? Any third party tools available for this?
Post #1609856
Posted Wednesday, September 3, 2014 1:17 AM


Group: General Forum Members
Last Login: Wednesday, December 7, 2016 7:13 AM
Points: 2,199, Visits: 6,042
TDE will only help if some stills the database's files or the database's backup files. The data is written to those files with encryption, but when it goes into the cache, it is decrypted. This won't stop anyone with permissions to read the data, from watching it decrypted.
If you don't want the DBA team to be able to read data on the server, then you'll have to encrypt it using a password that is not known to the DBA team. Have a look at this article - Notice that it comes with a price – you won't be able to use indexes on encrypted data, so you'll might have performance issues. Also if you already have an application that is working with the database, you'll have to modify the code.


To know how to ask questions and increase the chances of getting asnwers:

For better answers on performance questions, click on the following...
Post #1609892
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse