The unique approach can be seen from the incorporated encryption that resides on the storage level, as the data is secured as it appears in the columns. When under attack, an intruder that succeeds in bypassing database application firewalls and other perimeter security will find ciphertext not clear or understandable data.
Some of the new and enhanced product capabilities include:
MSDE Encryption - DbEncrypt for Microsoft SQL Server is the only product that is able to encrypt MSDE (Microsoft SQL Server Desktop Engine). Developers that embed database features into their desktop applications using MSDE for custom enterprise-scale applications, can be assured that sensitive data stored in the local database are completely secured and available at all times.
Ease of Encryption Management - Database administrators (DBAs), application developers, and system integrators are able to pick from a range of templates to build their own encryption procedures using a point-and-click user interface for efficiently installing and managing the encryption. Administrators can also easily create public/private key pairs for a group, and quickly grant or revoke access.
Advanced Auditing Configurations - The ability to view all transactions and procedures, and subsets thereof, provides administrators the ability to track and analyze database access and usage. Details on which users have logged on and the specific tasks they have performed on encrypted columns, allows administrators to quickly retrace any attempts at intrusion. An easy-to-customize audit configuration option enables efficient risk management practices. For instance, the administrator can set maximum size of the audit file or assign audit keys to another user, if needed.
Enhanced Recovery Mechanism - To protect companies against the accidental loss of passwords used to encrypt data, DbEncrypt for Microsoft SQL Server is designed so that multiple logins have shared access to a single encryption key for a data column. Each login has an encrypted copy of the key based on their own password, eliminating the chance of data loss as in the case of single logins. As a double-assurance against the risk of lost passwords, DbEncrypt for Microsoft SQL Server offers a restoration password capability that is never used unless a key needs to be restored. The use and installation of this functionality is optional.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.