SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

Encryption in Production

By Steve Jones,

The encryption capabilities of SQL Server have been growing in each new version. We have gone from password protected backups to Transparent Data Encryption (TDE), we have moved form PWDENCRYPT() to symmetric, asymmetric keys, and certificates. There are quite a few options available in the current SQL Server platform. However I don't often see people writing or talking about their use of security.

It might be the nature of sensitive data means keeping the use of encryption quiet, but that shouldn't matter. If you are keeping your keys safe, the algorithms and deployments you use should not matter. This Friday I wanted to ask a question about your use of encryption in real world systems.

If you have sensitive information (identity/financial/medical) data in a database, have you deployed encryption?

I would like to know if you've actually implemented native or third party encryption and if so, in what percentage of the databases that have sensitive information is encrpytion deployed. Do you strip out data before you store it, perhaps only storing something like the last four digits of a credit card in plain text? How diligent do you think your employer is being with regards to encryption?

If you work with encryption, are you confident that you can recover your systems in a disaster? That's one question I'd want to be sure I could answer before I deployed any keys in my database.

Steve Jones

The Voice of the DBA Podcasts

We publish three versions of the podcast each day for you to enjoy.

Everyday Jones

The podcast feeds are available at sqlservercentral.mevio.com. You can also follow Steve Jones on Twitter:

Today's podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music. Support this great duo at www.everydayjones.com. They have a great version of Message in a Bottle if you want to check it out.

I really appreciate and value feedback on the podcasts. Let us know what you like, don't like, or even send in ideas for the show. If you'd like to comment, post something here. The boss will be sure to read it.

Total article views: 239 | Views in the last 30 days: 1
Related Articles

Encrypt the whole database

Encrypt the whole database


Advice on data encryption

Need options for encrypting sensitive data


Encrypting Data

Encrypting data is the easy part of dealing with encryption and databases. Steve Jones talks about s...


Encrypting the entire database.

Encrypting the entire database.


Database Encryption

Database Encryption tools for SQL and Oracle

friday poll