RE: Encription for MDF files

From: Mike Epprecht (SQL MVP) (mike_at_epprecht.net)
Date: 07/28/05


Date: Thu, 28 Jul 2005 06:59:05 -0700

Hi

Did you encrypt the file/directory when logged in as the SQL Server Service
Account? If not, you need to as the encryption/decryption can only be done by
one account.

Just be aware, if you change the user's password from Computer Manager / AD
User Manager, the encryption certificate becomes invalid and you loose total
access to the data on the encrypted file/directory.

If you do a SQL Server BACKUP, the resultant backup can be restored by
someone else, as long as it is not encrypted.

Copying the encrypted file to a different location, will result in it being
decrypted.
--------------------------------
Mike Epprecht, Microsoft SQL Server MVP
Zurich, Switzerland

MVP Program: http://www.microsoft.com/mvp

Blog: http://www.msmvps.com/epprecht/

"Sharad2005" wrote:

> Dear Friends
>
> I want to use the encryption for the MDF files so that no one can just copy
> the data and attach the MDF files to access the database.
>
> When i have done the same the database is in Suspect Mode. Please suggest
> what can be the reason.
>
> I also have the following questions.
>
> 1. Can another user restore the database backup for the encrypted MDF files.
>
> Thanks in advance.
>
> Best regards
> Shailesh



Relevant Pages

  • Re: SQL or Access DB
    ... As far as encryption goes though... ... with Sql Server you can use SQL DMO and encrypt your stored procedures ... installation - Security was absolutely critical and in most instances, ... > then we create a nice gui around this database and sell it to automotive ...
    (microsoft.public.dotnet.languages.vb)
  • RE: Views
    ... you must understand that SQL Server 2000 does not support ... database data encryption as such. ... following method in the KB below to enhance the security. ... Microsoft is providing this information as a convenience to you. ...
    (microsoft.public.sqlserver.programming)
  • Re: Protecting database from administrators
    ... >> there is no encryption while at rest it must still be secure. ... >> All the security MS has offered is weak. ... If it is attached to SQL Server ...
    (microsoft.public.sqlserver.security)
  • Re: MSDE Security (aka users looking at my apps database)
    ... > I have been called in more than once to untangle all sorts of developer ... let's think about a genious tool, RAC by SQL Server MVP Thanh Ngo.. ... even if SQL Server encryption has been defeated... ... think to privacy protection for sensible data... ...
    (microsoft.public.sqlserver.msde)
  • Re: is WITH ENCRYPTION now safe in SQL2005?
    ... There are very dissenting opinions on that in the SQL Server community. ... you are in this situation you are quite happy that you can decrypt the ... How would a safe encryption method be implemented? ... private key, SQL Server must have access to that private key. ...
    (comp.databases.ms-sqlserver)