The encryption capabilities of SQL Server have been growing in each new version. We have gone from password protected backups to Transparent Data Encryption (TDE), we have moved form PWDENCRYPT() to symmetric, asymmetric keys, and certificates. There are quite a few options available in the current SQL Server platform. However I don't often see people writing or talking about their use of security.
It might be the nature of sensitive data means keeping the use of encryption quiet, but that shouldn't matter. If you are keeping your keys safe, the algorithms and deployments you use should not matter. This Friday I wanted to ask a question about your use of encryption in real world systems.
If you have sensitive information (identity/financial/medical) data in a database, have you deployed encryption?
I would like to know if you've actually implemented native or third party encryption and if so, in what percentage of the databases that have sensitive information is encrpytion deployed. Do you strip out data before you store it, perhaps only storing something like the last four digits of a credit card in plain text? How diligent do you think your employer is being with regards to encryption?
If you work with encryption, are you confident that you can recover your systems in a disaster? That's one question I'd want to be sure I could answer before I deployed any keys in my database.
Steve Jones
The Voice of the DBA Podcasts
We publish three versions of the podcast each day for you to enjoy.
- Watch the Windows Media Podcast - 18.4MB WMV
- Watch the iPod Video Podcast - 15.9MB MP4
- Watch the MP3 Audio Podcast - MB 3.3MP3
The podcast feeds are available at sqlservercentral.mevio.com. You can also follow Steve Jones on Twitter:
Today's podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music. Support this great duo at www.everydayjones.com. They have a great version of Message in a Bottle if you want to check it out.
I really appreciate and value feedback on the podcasts. Let us know what you like, don't like, or even send in ideas for the show. If you'd like to comment, post something here. The boss will be sure to read it.