June 24, 2009 at 2:11 pm
I have a couple of databases that contain encrypted data using certificates and symmetric keys.
Is there any value in backing up the info returned by system views such as sys.certificates and sys.symmetric_keys? Should I store this info in a table somewhere and could it come in handy in a disaster recovery situation?
I'm already backing up the certificates to a file that will go to tape.
Any comments would be appreciated as well as any input on backup strategies for databases containing encrypted info.
__________________________________________________________________________________
SQL Server 2016 Columnstore Index Enhancements - System Views for Disk-Based Tables[/url]
Persisting SQL Server Index-Usage Statistics with MERGE[/url]
Turbocharge Your Database Maintenance With Service Broker: Part 2[/url]
June 24, 2009 at 9:41 pm
I've never seen anything to suggest that is necessary, no.
My favourite article for this stuff on here is http://www.sqlservercentral.com/articles/SQL+Server+2005+-+Security/sql2005symmetricencryption/2291/
There are plenty though - search the tags if you are interested.
Paul
June 25, 2009 at 7:58 am
Paul White (6/24/2009)
I've never seen anything to suggest that is necessary, no.My favourite article for this stuff on here is http://www.sqlservercentral.com/articles/SQL+Server+2005+-+Security/sql2005symmetricencryption/2291/
There are plenty though - search the tags if you are interested.
Paul
Thanks, that's a good article. We are moving to data encryption in the next few months and I need to make sure I know all the ins and outs of recovering encrypted data in case of disaster or database corruption. Makes me kind of nervous... :w00t:
__________________________________________________________________________________
SQL Server 2016 Columnstore Index Enhancements - System Views for Disk-Based Tables[/url]
Persisting SQL Server Index-Usage Statistics with MERGE[/url]
Turbocharge Your Database Maintenance With Service Broker: Part 2[/url]
June 25, 2009 at 2:56 pm
Yeah I know what you mean - went through something similar with PCI-DSS (or whatever it was called).
Heh. You could always upgrade to 2008 Enterprise and use Transparent Database Encryption :w00t:
July 20, 2009 at 10:23 am
Paul White (6/25/2009)
Yeah I know what you mean - went through something similar with PCI-DSS (or whatever it was called).Heh. You could always upgrade to 2008 Enterprise and use Transparent Database Encryption :w00t:
Yes, I have thought about that, but I think it only protects against theft of the actual physical database files, which will be useless if attached to another instance. It does not prevent someone from connecting to the database and viewing sensitive data. At least that's my understanding.
__________________________________________________________________________________
SQL Server 2016 Columnstore Index Enhancements - System Views for Disk-Based Tables[/url]
Persisting SQL Server Index-Usage Statistics with MERGE[/url]
Turbocharge Your Database Maintenance With Service Broker: Part 2[/url]
Viewing 5 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply