Encryption options for SQL Server allow flexibility

22 May 2013
IT Industry Trends

Software encryption is one of the best ways to increase IT security and avoid an outside source from accessing company data. As Microsoft notes, it does not prevent the breach of a system, rather, it makes it less likely that stolen information can be read by a hacker. This is because encryption creates a particular formula or code that is needed to properly translate information. Without the right code, the data is unreadable.

For Microsoft's SQL Server, there is no shortage of options to help IT managers set up encryption technology as long as they have the proper Microsoft training. Some software users can find it difficult to comprehend how encryption for SQL Server is implemented because of the various ways in which the security measure can be configured. Depending on the logistical settings and needs of a particular IT infrastructure, some options may be more viable than others. 

Transparent protection
According to SQL Server Pro Magazine, Transparent Data Encryption (TDE) is one of the best forms of coded security used to protect software data sets. One of the main attractions to taking this approach is that it does not require that code be adapted. The source also noted that TDE allows its users to protect entire databases instead of just a portion of one. However, it is only available on the SQL Server Enterprise edition of the software, which means many SQL Server customers won't be able to use TDE.

Column and cell level encryption
Unlike TDE, column-level protection can be implemented in all SQL Server editions. Although it is viable for anyone to use, it does demand many adaptations of software and data coding. Also, this security measure can be detrimental to system performance, the source said. 

EFS should be avoided
Encrypting Files Systems (EFS) strategies may not be the best choice for businesses attempting to promote cybersecurity on SQL Servers. There can be a fair amount of expenses related to establishing this technology, which makes it a poor option, according to SQL Server Pro. Also, it can limit performance, just like TDE.  

Although encryption technology can boost system security, it's not always a necessary measure to have in place, Microsoft asserts. Only platforms that share data among employees on public networks will find encryption beneficial. A network that is configured locally may not have the same security needs. If using encryption, Microsoft recommends that companies should have strategies in place to manage passwords and certificates relating to the technology. Also, having IT workers take Microsoft certification courses for SQL Servers is a good idea.

Leave a Reply

Your email address will not be published. Required fields are marked *