SQL Sever Encryption{1}


by Han C
With cyber crime on the rise, database administrators must  do everything they can to prevent data from being compromised. This article introduces a new product called ActiveCrypt DBDefence which is designed to lock down database log files inside 32 and 64 bit systems on SQL Server 2000, 2005, and 2008. The enterprise eidition of DBDefence can be a very useful too for organizations looking to encrypt data in SQL Server 2008. What this software does is it implements transparent 128-bit AES encryption for any selected SQL Server Database. By transparent, meaning a database administrator does not need to modify SQL requests to handle encrypted fields or modify any other existing queries. It can even encrypt databases for applications when the customer does not have access to the source code. One example the article provides is when a customer wants to encrypt a CRM application database, DBDefence can still encrypt the database without given customer’s access to the actual source code. DBDefence also aids network administrators because it runs as a server-side software and does not need to be installed on individual client computers.

My thoughts regarding this article is that this can be a very useful tool for database administrators. I have only used encryption software such as trucrypt prior to reading this article and had never heard of database encryption tools before. It sounds like DBDefence makes encrypting database tables a much simpler process compared to other prior alternatives. I hope to see how this software will evolve as it seems very promising. I have not looked into it but I wonder if Oracle already has something like this pre-packaged with its software.

 

Source:Leibman, Andrew (2010). SQL Server Encryption For The Masses. (Jan 2010) V.32 Issue 1. The Processor. Retrieved fromhttp://www.processor.com/editorial/article.asp?article=articles%2Fp3201%2F51p01%2F51p01.asp&guid=&searchtype=0&WordList=SQL+SERVER&bJumpTo=True