This week Steve Jones talks encryption and why you shouldn't be implementing anything you've invented.  Read more...

A short look at the vulnerabilities your data may be susceptible to outside of the database tables.   Read more...

The focus of this paper is on the protection of PII data stored within a database using encryption technologies.  Read more...

Encryption keys for services in the cloud should be maintained by the customer, according to Steve Jones. It's actually a good idea for all of your data.  Read more...

The article discusses and demonstrates TDE for SQL Server databases  Read more...

A comprehensive set of scripts to setup and operate TDE for a SQL Server.  Read more...

With all the recent worms and attacks out there, it's only a matter of time before someone focuses more on databases. With that in mind, Steve Jones thinks it's important we learn and use encryption and better security now.  Read more...

This Friday Steve Jones wants to know if you are using encryption in your production system and if so, how is it working? Can you handle DR situations?  Read more...

With data stored in tables, you have a few options to protect data. Check out this tip to learn more about column level encryption.  Read more...

Encryption is supposed to protect data, and it appears to be working as police and authorities are often stymied by encrypted disks. Steve Jones recommends you encrypt your disks on all your machines.  Read more...

It is important for data professionals to understand security, but it's also important for end users that must handle data. However we have a lot of work to do to make that easier since Steve Jones thinks many IT pros struggle with this concept.  Read more...

A comprehensive set of scripts to setup and operate TDE for a SQL Server.  Read more...

Beginning with SQL Server 2005, column-level encryption and decryption capabilities were made available within the database, providing a solution for situations where one-off types of data need to be secured beyond your existing authorization, authentication or firewall settings. This article provides an overview and example of securing a column using native SQL Server cryptography functions.  Read more...

A look at how you might recover from a disaster using encryption and an HSM module in SQL Server 2008.  Read more...

Steve Jones talks about encrypting stored procedures and why it's a bad idea. And that it's a feature that should be removed from SQL Server.  Read more...

Are you worried about man in the middle attacks on your database server? If you run Oracle you should be, but SQL Server DBAs should not assume they are safe. Adding communication encryption can be a good idea for SQL Server DBAs.  Read more...

Steve Jones thinks Microsoft is making a fundamental security mistake in the way they build features for the various editions of SQL Server. Read today's editorial and see if you agree.  Read more...

Steve Jones thinks Microsoft is making a fundamental security mistake in the way they build features for the various editions of SQL Server. Read today's editorial and see if you agree.  Read more...

Steve Jones thinks Microsoft is making a fundamental security mistake in the way they build features for the various editions of SQL Server. Read today's editorial and see if you agree.  Read more...

I need to encrypt my data within SQL Server and I plan on using the built-in encryption functionality in SQL Server 2005 and 2008. However, I'm looking at symmetric and asymmetric key algorithms and while I see information saying to use symmetric keys, I don't understand why. What's the difference between the two and why is a symmetric key algorithm preferred over the asymmetric key ones?  Read more...