Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

Encrypt Everything

By Steve Jones,

Security is a problem with so many of our applications and systems. There are numerous ways that we handle access and protection of data, often with access rights or encryption (or both) being applied to data in order to limit who can access the data. However neither of these systems is perfect for a variety of reasons and no matter how we configure our security, it seems there are always issues.

Yahoo announced recently that they are trying to improve their security by encrypting all data that moves between their data centers. Other large internet companies do this, though not all. However, this doesn't necessarily mean that your data is much more secure than it was before. This should make it more difficult to access data while it is transiting networks outside of Yahoo's control, but there are still potential issues. Just as with TDE, any legitimate user inside a data center that has access to the LAN or systems inside the data center can still potentially read the data.

I'm not picking on Yahoo here as the same issues might exist with Microsoft, Google, or any service provider that encrypts data between its facilities. This system also suffers from the potential compromise of the keys used to encrypt traffic if any employee were to sell, disclose, or lose a copy of them on laptop.

However this is a good start, and it does mean that the NSA or any other organization that looks to read data in transit must work harder to access your data if it's encrypted. I think it's such a good idea that I think we ought to start encrypting all traffic by default. LAN, WAN, whatever. We've had tremendous advances in hardware and I'd argue that most of us have more powerful hardware than we need. If we decided t take the hit to encrypt all traffic now, we'd become used to the overhead and we'd have better security overall.

I'd love to encrypt all data on disk, but I know people get nervous about losing data. A good start, however, would be to ensure all data in transit is protected.

Total article views: 240 | Views in the last 30 days: 6
 
Related Articles
FORUM

Security Managemen Systems

problem with Security Managemen Systems

ARTICLE

Implementing Encrypting File System (EFS) with SQL Server

EFS provides a mechanism for encrypting files completely transparent to higher level applications su...

FORUM

Problem with encryption

encryption

FORUM

Encrypt the whole database

Encrypt the whole database

Tags
editorial    
encryption    
security    
 
Contribute

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones
Editor, SQLServerCentral.com

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones