Reputation: 133
What can be used as an alternative to encryption on SQL server?
We have a process where data is sent from one database to another for distribution. The process chosen at the time was to encrypt the data because of all the people that could access the database. However, de-crypting the data is a slow process. What are the alternatives to securing the data on the servers to prevent access?
Upvotes: 0
Views: 978
Answers (3)
Reputation: 126
Couple of recommendations
- Work with DBA to create roles and restrict access to sensitive columns. In this case you don't have to encrypt.
- Few columns you have to encrypt due to regulatory requirements. Selectively encrypt only the columns having sensitive data.
Also use relatively faster algorithms like AES. You can also cache the crypto object if not already done.
Upvotes: 0
Reputation: 6850
It all depends on your requirements.
If you really need to keep the data private from people whom have access to the database then you pretty much have no option but to encrypt.
If you are sending the data to other locations and it is the transfer itself that needs to be secure you can use encyption for just the communication, ie webservices over https or custom encryption over tcp/ip, or saving to flat files and encrypting it as a whole..
If the data itself needs to be hidden from the people whom have access to it then there is a question of how secure the data needs to be.. If you are just wanting to avoid clear text there are some pretty fast encryption algorithms that can be used, here is a List of different encryption algorithms.
But if you are storing things like medical history or banking information then you have no option but to either upgrade your hardware to improve performance or take the processing time like a man ;).
If we are talking about passwords, where you only need to know if the user entered the correct password or not, then you could hash the passwords with a salt, and compare with the database hash, read more about that here: Link.
Upvotes: 1
Reputation: 6167
Easy answer: none. The only way to prevent people with physical access to the database table (note: the database TABLE - most DBMS can set access rights for indivifual tables) from reading it, is encrypting the data. It really is that simple.
Upvotes: 0
Related Questions
- How to encrypt data in sql server 2012 or sql server 2008 r2?
- Database data encryption in SQL Server for web application
- How to Encrypt Column Data in SQL?
- Encryption on the fly
- encryption in sql server
- Tools to encrypt sql server database
- What kind of encryption mechanisms does SQL Server 2008 Standard offer?
- Encrypted SQL database?
- SQL Server encrypting data
- Best way to encrypt certain fields in SQL Server 2008?