Home Forums SQL Server 2008 Security (SS2K8) Encryption noob with a table design general question RE: Encryption noob with a table design general question

  • February 1, 2013 at 7:06 pm

    #1583626

    Michael Valentine Jones (2/1/2013)

    William Plourde (2/1/2013)

    ok, I think I understand that. So if fetching the 'common' un enc data just make sure I use the appropriate field list in the query. And if I need all the data just go for it.

    So how do others do this out there in the world ? Do people commonly encrypt individual columns in a table or just say the heck with it and encrypt the entire table ?

    You will always have some unencrypted columns is a table, like the primary key and any indexed columns. Indexes on an indexed column are worthless.

    Encrypt only data that needs to be encrypted.

    BWAAA-HAAAA!!!!! You just gave me a brilliant idea to have fun with the auditors next year!!! I'm going to make a table of all encrypted columns and call it something like "CustomerPrivate". I'll encrypt each column using a different salt and datatype and it'll be filled with nothing but random data. I'll use the old Col01-Col99 style of columns names and when the ask me what's in it, I'll tell them what they've told me so many times... "You don't have the clearance or the need to know". 😛

    Notice that it wouldn't be a real good idea to pluralize this particular table name. :hehe:

    --Jeff Moden

    RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
    First step towards the paradigm shift of writing Set Based code:
    ________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

    Change is inevitable... Change for the better is not.

    Helpful Links:
    How to post code problems
    How to Post Performance Problems
    Create a Tally Function (fnTally)