Reputation: 13068
Encrypting filestream data
SQL Server 2008 supports data at rest security through TDE (Transparent data encryption), but the encryption excludes files stored on harddrive through FILESTREAM feature.
How have you handled encryption of this data on file system stored through FILESTREAM? Encrypted File System seems to be an option, but would cause problem during DB backup, as the encryption of db and filesystem are done by two different sources using (possibly) different encryption keys! Please share your thoughts.
Many thanks!
Upvotes: 5
Views: 2854
Answers (3)
Reputation: 2502
Native TDE does not support encrypting FileStreams
However there are two third party products that offer alternatives to TDE including FileStream encryption. They both work with all versions and editions of SQL Server. One is NetLib Encryptionizer for SQL Server and the other is DBDefence. Although they both work differently. Encryptionizer sits between SQL Server and the OS, while DBDefence injects code into the running SQL process using the (now defunct) Detours SDK. (Disclaimer: I am with NetLib Security).
Upvotes: 0
Reputation: 139
You may also consider 3rd party tool DbDefence to encrypt filestreams. It is free for small databases (up tp 2000 MB) but size of filestream data does not matter!
Upvotes: 0
Reputation: 20157
Can you have the folders where your FILESTREAM data reside be EFS encrypted by the account your SQL Server runs under?
Upvotes: 3
Related Questions
- Best way to encrypt FILESTREAM data?
- SQL Server encrypt mdf file
- How to encrypt MS SQL attached mdf file (user instance SQL Express)
- Encrypting data in SQL Server or C#
- Database file-level encryption
- encryption in sql server
- SQL filestream authentication best practices
- SQL Server Integrated Security
- Encrypting data in order to store in SQL Server
- SQL Server FILESTREAM storage