The battle to secure personal and business data is a tough one, and the consequences of mishandling sensitive data can be severe. Even more damaging than the fines and lawsuits that can be result from non-compliance with regulations, is the loss of customer confidence that results when these breaches of security occur. SQL Server's encryption features, when properly planned and implemented, as described in this book, are an essential tool in the DBA's fight to safeguard this data.
If you would like to receive an email notification when this book is released, please complete this form.
Simple-talk will not share this email address with anyone and, unless you subsequently register for the Simple-Talk newsletter (which we hope you will!), you will receive only two emails as a result; one when the eBook is released and a second when the hard copy book is released on Amazon.
Table of Contents
Why read this book?
For as long as there has been something to communicate between two persons there has been data. Today, vast volumes of it are gathered about almost every individual and business. It is the information that we provide when we sign up for an account at our favorite website, fill out a job application, or apply for a mortgage.
These valuable, often sensitive, data assets are stored in a SQL Server database, and entrusted to the Database Administrator, who must use every weapon and strategy at his or her disposal in the "war" to protect this sensitive data from would-be hackers, phishers, rumor mongers and identity thieves. Encryption is one of the primary weapons with which this battle can be won, and yet it is treated with trepidation by many, who fear that it will prove "just another way for data to be lost" or "an unjustifiable cost on performance".
This book holds the key to "encryption without fear". In it, the author goes way beyond the usual demonstration of the SQL Server cryptographic functions. He explains how to assess and categorize data elements according to sensitivity, regulate access to the various categories of data using database roles, views and stored procedures, and then how to implement an efficient and secure data architecture using the available SQL encryption features, such as cell-level encryption, transparent data encryption and one-way encryption.
At each stage the author covers not only how the features work, but also described the situations when they are and are not suitable, and at all times stresses the steps that must be taken to ensure that the solution is maintainable.