

Protecting SQL Server Data
20 August 2009

"Privacy is not something that I'm merely entitled to, it's an absolute prerequisite". – Marlon Brando

The battle to secure sensitive personal and business data is a tough one, and the consequences of mishandling sensitive data can be severe. Even more damaging than the lawsuits and fines that can result from regulatory non-compliance is the loss of customer confidence resulting from breaches of security. SQL Server's encryption features, when properly planned and implemented, as described in this book, are an essential tool in the DBA's fight to safeguard this data.

Download the free PDF.

Buy the printed book from Amazon.com

Download the Source Code


Table of Contents

  • Chapter 01: Understanding Sensitive Data
  • Chapter 02: Data Classification and Roles
  • Chapter 03: Schema Architecture Strategies
  • Chapter 04: Encryption Basics for SQL Server
  • Chapter 05: Cell-level Encryption
  • Chapter 06: Transparent Data Encryption
  • Chapter 07: One-way Encryption
  • Chapter 08: Obfuscation
  • Chapter 09: HoneyCombing a Database
  • Chapter 10: Layering Solutions
  • Appendix A: Views and Functions Reference
  • Appendix B: The HomeLending Database

Why read this book?

For as long as there has been something to communicate between two persons there has been data. Today, vast volumes of it are gathered about almost every individual and business. It is the information that we provide when we sign up for an account at our favorite website, fill out a job application, or apply for a mortgage.

These valuable, often sensitive, data assets are stored in a SQL Server database, and entrusted to the Database Administrator, who must use every weapon and strategy at his or her disposal in the "war" to protect this sensitive data from would-be hackers, phishers, rumor mongers and identity thieves. Encryption is one of the primary weapons with which this battle can be won, and yet it is treated with trepidation by many, who fear that it will prove "just another way for data to be lost" or "an unjustifiable cost on performance".

This book holds the key to "encryption without fear". In it, the author goes way beyond the usual demonstration of the SQL Server cryptographic functions. He explains how to assess and categorize data elements according to sensitivity, regulate access to the various categories of data using database roles, views and stored procedures, and then how to implement an efficient and secure data architecture using the available SQL encryption features, such as cell-level encryption, transparent data encryption and one-way encryption.

At each stage the author covers not only how the features work, but also describes the situations in which they are and are not suitable, and at all times stresses the steps that must be taken to ensure that the solution is maintainable.



John Magnabosco

Author profile: John Magnabosco

John Magnabosco is a writer and a SQL Server Database Consultant. He is also the current President and Co-Founder of the Indianapolis Professional Association for SQL Server (IndyPASS) as well as the Speaker Coordinator and Co-Founder of IndyTechFest. As a database developer and administrator, John has had the opportunity to work on databases as small as single-user systems and as large as terabyte enterprise databases in the banking and government arenas.



Subject: Home Lending database scripts
Posted by: cosmingaina (view profile)
Posted on: Thursday, March 11, 2010 at 12:08 PM
Message: Where can I download the scripts for the Home Lending database because the link posted in the ebook Protecting Sql Server Data http://www.simple-talk.com/RedGateBooks/JohnMagnabosco/HLSchema.zip is invalid.

Subject: Backing up and restoring encryption keys
Posted by: jamest (view profile)
Posted on: Wednesday, August 03, 2011 at 2:05 PM
Message: Hi John
Having read your excellent book I decided to encrypt certain key fields in my database with this script:
use dbMyDB;
-- Create Database Master Key and encrypt by password
create MASTER KEY ENCRYPTION BY PASSWORD = 'ThePassWord';
-- Create a self-signed Certificate
create CERTIFICATE MyCertificate WITH SUBJECT ='Self-Signed Certificate used to encrypt MyDataKey';
-- Create Symmetric Key used for encrypting db data and encrypt that key
-- using MyCertificate
Create SYMMETRIC KEY MyDataKey WITH ALGORITHM = DESX
Encryption By Certificate MyCertificate;

The encryption works fine up until I need to generate the schema and data script using the Database Publishing Wizard for uploading on a different server, such as that in a shared hosting provider.

Recreating the keys and certificate on the other server, I can't decrypt my encrypted fields. I presume I need to back up and restore the same to the new server. Or is there a better way to decrypt my fields once I have moved the data to the new server? Can you point me in the right direction please.

Regards

JamesT
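
The failure described in the comment above has a specific cause: a symmetric key created without KEY_SOURCE and IDENTITY_VALUE gets random key material and a random GUID, so a key with the same name created on another server is a different key and cannot decrypt the moved ciphertext. The T-SQL below is an added example, not part of the original post or the book's source code; it re-encrypts the data under a reproducible key and recreates that key on the destination. The names MyPortableKey, dbo.MyTable and MyEncryptedColumn are hypothetical, values in angle brackets are placeholders, and AES_256 replaces the DESX algorithm used in the post.

```sql
-- Added example. Values in <...> are placeholders; MyPortableKey,
-- dbo.MyTable and MyEncryptedColumn are hypothetical names.

-- 1. SOURCE SERVER: create a key whose material is derived from KEY_SOURCE
--    and whose GUID is derived from IDENTITY_VALUE, so it can be recreated.
USE dbMyDB;
CREATE SYMMETRIC KEY MyPortableKey
    WITH ALGORITHM      = AES_256,
         KEY_SOURCE     = '<long random passphrase kept in a secrets vault>',
         IDENTITY_VALUE = '<fixed identity phrase>'
    ENCRYPTION BY CERTIFICATE MyCertificate;

-- 2. SOURCE SERVER: re-encrypt existing values from the old key to the new one.
OPEN SYMMETRIC KEY MyDataKey     DECRYPTION BY CERTIFICATE MyCertificate;
OPEN SYMMETRIC KEY MyPortableKey DECRYPTION BY CERTIFICATE MyCertificate;

UPDATE dbo.MyTable
SET    MyEncryptedColumn = EncryptByKey(Key_GUID('MyPortableKey'),
                                        DecryptByKey(MyEncryptedColumn))
WHERE  MyEncryptedColumn IS NOT NULL;

CLOSE ALL SYMMETRIC KEYS;

-- 3. DESTINATION SERVER: the master key and certificate may be new ones;
--    only the symmetric key's source values and algorithm must be identical.
USE dbMyDB;
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<destination master key password>';
CREATE CERTIFICATE MyCertificate
    WITH SUBJECT = 'Protects MyPortableKey on this server';
CREATE SYMMETRIC KEY MyPortableKey
    WITH ALGORITHM      = AES_256,
         KEY_SOURCE     = '<long random passphrase kept in a secrets vault>',
         IDENTITY_VALUE = '<fixed identity phrase>'
    ENCRYPTION BY CERTIFICATE MyCertificate;

-- 4. BOTH SERVERS: key_guid must match, otherwise DecryptByKey returns NULL.
SELECT name, key_guid, algorithm_desc
FROM   sys.symmetric_keys
WHERE  name = 'MyPortableKey';

-- 5. DESTINATION SERVER: confirm the scripted ciphertext decrypts.
--    Convert to the data type the plaintext had before encryption.
OPEN SYMMETRIC KEY MyPortableKey DECRYPTION BY CERTIFICATE MyCertificate;
SELECT CONVERT(varchar(100), DecryptByKey(MyEncryptedColumn)) AS PlainValue
FROM   dbo.MyTable;
CLOSE SYMMETRIC KEY MyPortableKey;
```

Anyone who holds the KEY_SOURCE and IDENTITY_VALUE strings can rebuild the key, so they need the same protection as the key itself and should not be left in deployment scripts.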
