Re: Is encryption of SQL Server necessary or even recommended

From: Adam Machanic (amachanic_at_air-worldwide.nospamallowed.com)
Date: 10/30/03 

Date: Thu, 30 Oct 2003 09:23:27 -0500

It really depends on your network architecture. If the SQL Server is in its
own subnet accessible only by whatever servers use the database, encrypting
the traffic from the database to the servers would, in my opinion, be a
total waste of time. In such a setting, if the middle-tier servers are
compromised the encryption is not going to help protect the data anyway.
Likewise, in such a setting packet sniffing would not be an issue, so the
encryption would only serve to waste processing resources (and/or money).

On the other hand, if your server is set up such that many servers
throughout your organization and/or direct connections from users' desktop
machines are occurring, encryption might be necessary.

"Bob Clark" <anonymous@discussions.microsoft.com> wrote in message
news:053101c39e97$94948ec0$a601280a@phx.gbl...
> I saw a couple threads on here covering how to encrypt
> traffic between the client and the server. My question is
> a little different:
>
> We were recently gigged on a Vulnerability Assessment
> because none of our network traffic is encrypted. I'm
> looking at knocking out the low hanging fruit quickly so I
> though at encrypting SQL Server traffic. I know it can be
> done, I'd just like to know if it is necessary.
>
> Most of our DBs contain sensitive data which could cost us
> a lot of money if it were compromised. However, one of
> our application vendors told us we didn't need to encrypt
> the SQL Server communication because we were using it in
> an Intranet environment.
>
> My first thought is that an Intranet environment can
> quickly become compromised with the inadvertant
> installation of a trojan on the network.
>
> What does everyone else think?

Relevant Pages

  • Re: SharePoint Services
    ... IT does not support our Access app explicitly as the app is considered ... The app is a 'split' mde with only the BE sitting on the network ... server will work to speed up the app. ... As I stated moving the backend data to SQL server will usually slow it ...
    (comp.databases.ms-access)
  • [NT] Multiple Vulnerabilities in HP Web JetAdmin (Read, Write, Execute, Path Disclosure, Password De
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... HP Web JetAdmin is an enterprise management system for large amounts of HP ... The web server is a modular service ... HP Web JetAdmin uses it's own encryption. ...
    (Securiteam)
  • Re: Advice needed on secure remote datacenter and secure communication
    ... fair bit of time working with windows server, ... as for VPN, ... Addressing your issue with PGP encryption on sensitive files, ...
    (alt.computer.security)
  • RE: SQL 2005 processe stuck in Starting state after reboot
    ... Next I would look at the sql server service and see what account is starting ... If this fixes the problem then it is indeed a network related issue. ... installed as part of the CommVault Simpana 8.0 backup software. ...
    (microsoft.public.sqlserver.server)
  • Re: how big can disconnected dataset be?
    ... I forgot to mention, yes, reducing network ... > traffice, or rather, get all the data to the local server ... > Server from the datasets. ... huge performance increase on your SQL server, but I'm sure you will see some ...
    (microsoft.public.dotnet.languages.vb)