Post reply

SQL Server Database Encryption

  • July 8, 2004 at 5:14 am

    #83305

    I want to encrypt an entire SQL Server database using standard RC4 algorithm.

    Although I have encrypted the entire database.But now I want to use the database for select queries,inserts, updates, deletes for the database without changing my queries and without decrypting the database.I do not want to use a interface between database and my front end application.

    Is any solution possible within the limits of the SQL Server.

    or there is any solution outside the limits of SQL Server?

    Till I have found no solution for this problem.Can anybody help me in this problem.

    Amit Mehrotra

     

     

     

     

  • July 9, 2004 at 9:50 am

    #514119

    Who are you hiding the data from or is this just an exercise to see if you can do it?  1 or 2 columns I can understand (salaries, credit card numbers, social security)  But to encrypt the entire system will most certainly affect performance and if not handled correctly you will lose keys and lock yourself out entirely.

    I heard someone say the other day, and I am wonder if I agree with them, "They're trying to solve a moral problem with a techinical solution."

    This has to do with all kinds of ways to standardize processes and limit risks and comply with audit but this had turned into a techinical issue for IT to develop and implement.  The hole in this was that no-one can control what someone would do in the "accounting office" or CFO's laptop.

     

    Good luck hiding your data! 

     

  • July 9, 2004 at 9:58 am

    #514124

    If you are going to encrypt your databases, don't forget to look at your front-end and reporting systems as well.  Not much good to encrypt sensitive data on your database, only to find it visible on a report in front of a filing clerk, or on a user's screen.

    When in doubt - test, test, test!

    Wayne

  • July 9, 2004 at 11:03 am

    #514142

    Key management is hard and I question the wisdom of this exercise.

    http://www.sqlservercentral.com/columnists/sjones/wp_encryption.asp

    If you feel you must: http://www.protegrity.com/

  • July 12, 2004 at 12:25 pm

    #514298

    Steve's article has a log of merit.  AND... if your database and servers are protected via security setups, then why encrypt the entire database?  In the healthcare field, it's required to encrypt the data IF it is being used by someone outside of our network firewall.  But then it's encrypting ASCII files that are extracts from the database NOT the database itself.

Viewing 5 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic. Login to reply