I believe in encryption. I have an encryption talk that delivers the very basics of what encryption options exist in SQL Server, and I would think that most data professionals that develop or manage databases should understand encryption and how to enable it. I find lots of people don’t understand, and I’m glad that I can try to teach them a few things about when encryption is and how it works in SQL Server.
Cloud computing use is growing, and while we don’t have a good definition for what a cloud computing means, more and more organizations are considering looking at moving some of their applications, and data, to the cloud. As we move this data, many DBAs have concerns over the security of the data they are supposed to protect. These are valid concerns, and they should be at the forefront of your mind if you plan on moving anything to any type of service provider.
One interesting point brought up in this op-ed is that customers ought to have their data encrypted, but the keys used for the encryption should be controlled by the customer, not the service provider. That’s sound business strategy, and it should be the case with all your data, not just data sent to the cloud. If you use a service to rotate and store your tape backups, you ought to have encryption on those tapes, with keys managed by your company. Just as you ought to have the keys inside your company if you use locks on the shipping containers holding the tapes.
The Voice of the DBA Podcasts
We publish three versions of the podcast each day for you to enjoy.