Re: Encrypt/Decrypt SQL Server 2005 data files

Hi Dejan,

Thank you very much for the suggestions.

Robbie

Dejan Sarka wrote:
Thank you very much for the reply. EFS is what we tried. There are two unfortunate limitations. First, according to Microsoft, you cannot use SQL if the log file is encrypted. Second, decrypt takes many minutes and the long required time makes the technology impractical to use.
I agree that there is no absolute way to prevent access to data once an expert has physical possession of a computer or a hard drive.
SecuriKey does work as advertised. There are ways to circumvent the technology, but it provides some protection.

Maybe you can encrypt just the snsitive part of the data? Try to look at the EncryptByKey and other encryption functions in BOL. Together with carefully set NTFS permissions and encrypted backup you might get what you need.

.

Relevant Pages

  • RE: local admin account password
    ... > encrypt the database and create alerts in the event of unsuccessful ... >> no more recovery console and don't think cached logins will work. ... >> The DB file would be encrypted with EFS so only the limited user SQL ... >> itself doesn't really need to be secure as the authentication is based ...
    (Focus-Microsoft)
  • Re: SQL Server 2000 / 2005 Encryption
    ... encrypting the connection makes sense to me. ... This is possible on SQL 2005 via built-in T-SQL statements and functions, but requires 3rd-party tools, usually some sort of extended procedures. ... to encrypt your SSL connections will be different. ... Excel does not know how to decrypt data stored in SQL Server 2005 in encrypted form. ...
    (microsoft.public.sqlserver.security)
  • Re: SQL Server 2000 / 2005 Encryption
    ... You require 3rd-party tools even when using the native SQL 2005 encryption ... to encrypt your SSL connections will be different. ... But you mentioned Excel cannot decrypt this information. ... Requests to the web services would connect to the database and invoke ...
    (microsoft.public.sqlserver.security)
  • Re: SQL Server Encrypt, Failure..
    ... This function doesn't encrypt at ... (Not that I had too high of expectations for a undocumented SQL ... Declare @Password2 nvarchar ... > Bill Dodd ...
    (microsoft.public.sqlserver.server)
  • Re: Web.config encryption in shared hosting scenario
    ... I just begin to search for a solution because the customer does not allow ... like to encrypt the database connection string located in the web.config. ... I am connecting to the SQL ...
    (microsoft.public.dotnet.framework.aspnet.security)