• Then anyone who has access to the hosted site has access to the keys and hence the data.

    If you're using SQL column-level encryption then, unless you're encrypting by password, the keys are stored in the database and sysadmins have full permissions on those keys and hence to the encrypted data.

    The only real way to prevent a sysadmin from accessing data is to encrypt it in the app and store the keys somewhere where the sysadmin has no permissions.

    Gail Shaw
    Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
    SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

    We walk in the dark places no others will enter
    We stand on the bridge and no one may pass
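
The difference between the two column-level key-protection modes described in the post above, as an added T-SQL example that is not part of the original post. All object names, the sample value and the passwords are constructed placeholders.

```sql
-- Constructed demo database; every name and password here is a placeholder.
CREATE DATABASE ColEncDemo;
GO
USE ColEncDemo;
GO
-- Case 1: the whole key hierarchy is stored in the database.
-- The database master key is also protected by the service master key by
-- default, so the server can open it without anyone supplying a secret.
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<placeholder-DMK-password>';
CREATE CERTIFICATE DemoCert WITH SUBJECT = 'Column encryption demo';
CREATE SYMMETRIC KEY KeyByCert WITH ALGORITHM = AES_256
    ENCRYPTION BY CERTIFICATE DemoCert;

-- Case 2: the symmetric key is protected only by a password that is
-- supplied by the caller and never stored on the server.
CREATE SYMMETRIC KEY KeyByPwd WITH ALGORITHM = AES_256
    ENCRYPTION BY PASSWORD = '<placeholder-key-password>';
GO
CREATE TABLE dbo.Secrets (
    id     int IDENTITY PRIMARY KEY,
    byCert varbinary(256),
    byPwd  varbinary(256)
);
GO
-- Application session: knows the password, so it can open both keys.
OPEN SYMMETRIC KEY KeyByCert DECRYPTION BY CERTIFICATE DemoCert;
OPEN SYMMETRIC KEY KeyByPwd  DECRYPTION BY PASSWORD = '<placeholder-key-password>';
INSERT dbo.Secrets (byCert, byPwd)
VALUES (ENCRYPTBYKEY(KEY_GUID('KeyByCert'), N'constructed-sample-value'),
        ENCRYPTBYKEY(KEY_GUID('KeyByPwd'),  N'constructed-sample-value'));
CLOSE ALL SYMMETRIC KEYS;
GO
-- Sysadmin session: has CONTROL on DemoCert, so KeyByCert opens with no secret.
-- KeyByPwd stays closed without the password, and DECRYPTBYKEY yields NULL
-- for data encrypted under a key that is not open in the session.
OPEN SYMMETRIC KEY KeyByCert DECRYPTION BY CERTIFICATE DemoCert;
SELECT id,
       CONVERT(nvarchar(100), DECRYPTBYKEY(byCert)) AS cert_protected,
       CONVERT(nvarchar(100), DECRYPTBYKEY(byPwd))  AS password_protected
FROM dbo.Secrets;
CLOSE ALL SYMMETRIC KEYS;
```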