I had the pleasure of attending a webcast on SQL Server 2005 Security from a developer perspective today. Dan Sellers, a member of the Microsoft Canada DPE team based in Calgary, was one of the key presenters during the session and he got asked an interesting question that I was curious to hear the answer to. The question dealt with encrypting columns in SQL Server 2005 tables, a new feature in the product, and was phrased as follows:
“If some fields of your table are encrypted and you are suspicious that the key has been revealed can you re-encrypt all the fields with the regenerated key”?
This is a great and valid question and Dan has posted a reply on his blog. Check it out at http://blogs.msdn.com/dansellers/archive/2006/03/22/558343.aspx.