Need for Service Master Key backups, Database Master Key backups

  • For enabling and moving TDE enabled databases certificate backup & private key are sufficient. Exactly under what scenarios you will need SMK backups , DMK backups or restore SMK , DMK backups

  • arr.nagaraj (8/22/2013)


    For enabling and moving TDE enabled databases certificate backup & private key are sufficient. Exactly under what scenarios you will need SMK backups , DMK backups or restore SMK , DMK backups

    Usually you do not need either for especially TDE.

    You should however always have a Backup of your Service Master Key ready for rare/unlikely corruption scenarios.

    Same goes for the Database Master Key of master DB which protects your certificate.

    In other cases when not using TDE but other encryption/signing techniques you may need a specific backup of the DMK for a restore of a user database.

    So just protect yourself for the case. But make sure, the backup location itself is secure.

    Andreas

    ---------------------------------------------------
    MVP SQL Server
    Microsoft Certified Master SQL Server 2008
    Microsoft Certified Solutions Master Data Platform, SQL Server 2012
    www.insidesql.org/blogs/andreaswolter
    www.andreas-wolter.com

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply