Re: Encryption



John (XMS@xxxxxxxxxxxxxxxxx) writes:
We have an application which uses a local SQL2k db that we plan to
migrate to SQL 2005/8 eventually. We currently use a 3rd party
encryption tool because by installing a SQL encrypted MDF on a server an
SA can bypass the encryption.
The 3rd party shim we use now has caused many ongoing compatibility
problems with other Windows applications.

Has the behavior of native SQL Server encryption changed such that this
security hole is no longer an issue?

Could you clarify? The only encryption SQL 2000 supported was to permit
the communication to SQL Server to be encrypted, but there was no support
for encrypting data at rest. So it's difficult to tell what security hole you
were talking about, as there was nothing to have a hole in.

SQL 2005 offers the ability to store data encrypted, and SQL 2008 offers
more functionality in this area. I think all the new features in SQL 2008
are in Enterprise Edition only.

However, encrypting the data, so that it will be out of reach for a DBA
who is dead set on getting it, will remain difficult.

--
Erland Sommarskog, SQL Server MVP, esquel@xxxxxxxxxxxxx

Books Online for SQL Server 2005 at
http://www.microsoft.com/technet/prodtechnol/sql/2005/downloads/books.mspx
Books Online for SQL Server 2000 at
http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx
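
An added example, not part of the original post: a T-SQL sketch of the column-level encryption that SQL 2005 introduced, contrasting a key protected by the server's own key hierarchy with a key protected only by a password the application supplies. The table, key and certificate names, the passwords and the sample value are all constructed placeholders.

```sql
-- Constructed demo objects; every name, password and value is a placeholder.
CREATE TABLE dbo.CustomerDemo (
    CustomerId int IDENTITY PRIMARY KEY,
    SecretEnc  varbinary(256) NOT NULL
);
GO

-- Variant A: database master key -> certificate -> symmetric key.
-- The master key is also protected by the service master key by default,
-- so the server can open the whole chain without any secret from the client.
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<placeholder-strong-password-1>';
CREATE CERTIFICATE DemoCert WITH SUBJECT = 'Demo column encryption';
CREATE SYMMETRIC KEY DemoKeyA
    WITH ALGORITHM = AES_256
    ENCRYPTION BY CERTIFICATE DemoCert;
GO

OPEN SYMMETRIC KEY DemoKeyA DECRYPTION BY CERTIFICATE DemoCert;
INSERT dbo.CustomerDemo (SecretEnc)
VALUES (EncryptByKey(Key_GUID('DemoKeyA'), N'constructed-sample-value'));
-- Any principal with CONTROL on the database (dbo, sysadmin) can run the
-- same OPEN and read the plaintext:
SELECT CustomerId,
       CONVERT(nvarchar(100), DecryptByKey(SecretEnc)) AS SecretPlain
FROM dbo.CustomerDemo;
CLOSE SYMMETRIC KEY DemoKeyA;
GO

-- Variant B: symmetric key protected only by a password held by the application.
CREATE SYMMETRIC KEY DemoKeyB
    WITH ALGORITHM = AES_256
    ENCRYPTION BY PASSWORD = '<placeholder-app-secret-2>';
GO

OPEN SYMMETRIC KEY DemoKeyB DECRYPTION BY PASSWORD = '<placeholder-app-secret-2>';
INSERT dbo.CustomerDemo (SecretEnc)
VALUES (EncryptByKey(Key_GUID('DemoKeyB'), N'constructed-sample-value'));
CLOSE SYMMETRIC KEY DemoKeyB;
GO

-- With DemoKeyB closed, DecryptByKey returns NULL for the Variant B row,
-- and OPEN fails without the password. The password is still sent to the
-- server inside the OPEN statement, so it is not hidden from the server itself.
SELECT CustomerId,
       CONVERT(nvarchar(100), DecryptByKey(SecretEnc)) AS SecretPlain
FROM dbo.CustomerDemo;
```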