SQL Server Transparent Database Encryption (TDE)

Overview of TDE with some details on major administrative issues. Many people who’ve played around with TDE seem to have had trouble with restoring a TDE database on an alternate server, and the confusion seems to stem primarily from the deep encryption hierarchy for TDE. It’s not too hard, however, once you realize that you…


Enabling SSL on SQL Server Connections on Failover Clusters

With high-security SQL Server configurations we usually want to encrypt the data-in-transit between SQL Server and the application servers. It’s a little more trouble with a Failover Cluster Instance (FCI) than a stand-alone instance, and this post is primarily just a link to help me make sure I can easily find this article: http://msdn.microsoft.com/en-us/library/ms191192.aspx. I’ll…


Does the DoD STIG require Transparent Database Encryption (TDE)?

Does the DoD STIG require Transparent Database Encryption (TDE)? The short answer is: It depends on whether or not the Data Owner says the data must be encrypted. The current version of the DoD Database STIG is v8r1. Here are two relevant sections from that document: 3.1.4.3 Unique security requirements (encryption of sensitive data) Access to sensitive…


Enabling Transparent Data Encryption (TDE)

Transparent Data Encryption (TDE) is a feature added in SQL Server 2008 which allows you to encrypt an entire database at a time. A major potential benefit is that when TDE is enabled, all backups are automatically encrypted, which may be worthwhile if you have concerns that copies of the backup files may end up…