Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion Groups
DB Engine
SQL ServerMSDESQL Server CE
Services
Analysis (Data Mining)Analysis (OLAP)DTSIntegration ServicesNotification ServicesReporting Services
Programming
CLRConnectivitySQLXML
Other Technologies
ClusteringEnglish QueryFull-Text SearchReplicationService Broker
General
Data WarehousingPerformanceSecuritySetupSQL Server ToolsOther SQL Server Topics
DirectoryUser Groups
Related Topics
MS AccessOther DB ProductsMS Server Products.NET DevelopmentVB DevelopmentJava DevelopmentMore Topics ...
SQL Server Forum / General / Security / January 2006

Tip: Looking for answers? Try searching our database.

how to encrypt db files

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Hassan - 24 Jan 2006 05:04 GMT
Came across the following on best practises as well

" Use the SQL Server service account to encrypt database files with EFS."

How do you set it up ?
Reply to this Message
Michael Hotek - 24 Jan 2006 14:12 GMT
Just because it is on someone's best practices list, doesn't mean it should
just be grabbed and executed.  When you encrypt the files on the OS, you
incur a performance hit everytime they need to be accessed to do the
decrypt/encrypt.  Since a database server never quits reading or writing to
the files, this can be a rather heavy load on the machine and cause
significant degradation in performance.

Signature

Mike
http://www.solidqualitylearning.com
Disclaimer: This communication is an original work and represents my sole
views on the subject.  It does not represent the views of any other person
or entity either by inference or direct reference.

> Came across the following on best practises as well
>
> " Use the SQL Server service account to encrypt database files with EFS."
>
> How do you set it up ?
Reply to this Message
Josh Assing - 24 Jan 2006 14:50 GMT
>decrypt/encrypt.  Since a database server never quits reading or writing to

Actually SQL2005 seems to close the file if no active query is running...

--- AntiSpam/harvest ---
Remove X's to send email to me.
Reply to this Message
Mike Hodgson - 24 Jan 2006 22:58 GMT
The server is supposed to hold the individual database files open and in
a ready state regardless of user activity.  Are you sure you don't have
the autoclose property turned on for the database you are looking at?

That is:

   select databaseproperty('<dbname>', 'IsAutoClose')

--
*mike hodgson*
http://sqlnerd.blogspot.com

>>decrypt/encrypt.  Since a database server never quits reading or writing to
>>    
[quoted text clipped - 4 lines]
>Remove X's to send email to me.
>  
Reply to this Message
KenJ - 28 Jan 2006 03:41 GMT
Hi Hassan,

Encrypting your data files can be a prudent measure (MSDE instance on a
field salesperson's laptop with customer data, for example).  I
wouldn't necessarily recommend it on the server side.

Here is a nice how-to on encrypting your files using EFS...
http://www.sqlservercentral.com/columnists/bkelley/implementing_efs.asp
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2009 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.