April 12, 2018 at 4:24 pm
Hi All,
I want to avoid the cost of HSM for TDE and was wondering if we can manually administer the Service Master Key(SMK). What I mean is remove it from the Master Database and insert it if needed. Seems like it is rarely needed and we make a backup. I have heard people are manually administering SMK.
Thanks for thoughts/recommendations!
April 13, 2018 at 4:18 am
tane461 - Thursday, April 12, 2018 4:24 PMHi All,
I want to avoid the cost of HSM for TDE and was wondering if we can manually administer the Service Master Key(SMK). What I mean is remove it from the Master Database and insert it if needed. Seems like it is rarely needed and we make a backup. I have heard people are manually administering SMK.Thanks for thoughts/recommendations!
The service master key is auto generated and has no bearing on TDE
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
April 13, 2018 at 10:18 am
Actually the Service Master Key is the top key in the TDE key hierarchy. It is recommended not to leave it in the Master Database but to use somewhere else like a HSM.
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply