Blog

  • Database Files Down The Wrong Path

    I manage a few servers used to host SQL Instances for development and test purposes. Each of those instances hosts databases covering multiple environments. So I’ve got multiple servers, with multiple instances, with multiple environments. It’s important that issues in those environments don’t block development tasks, or invalidate or block testing cycles, so I like… Read more

  • RDS encryption vs TDE

    If you’re starting to use cloud services, the number of options available can be confusing. Particularly when they may seem to do the same thing. If you’re on AWS, and you want to create a SQL Server instance on RDS (Relational Database Service), then you potentially have a couple of different options for enabling encryption… Read more

  • T-SQL Tuesday #101 – Some Great SQL Server Tools

    This month for T-SQL Tuesday #101 Jens Vestergaard asks us to blog about the essential tools in our SQL Toolbelt. http://t-sql.dk/?p=1947 I’d just completed by post on CMS when I realised I’ve blogged about a few of my favourite tools in the past and that this would be a good opportunity to share them again in… Read more

  • T-SQL Tuesday #101. CMS – Effortlessly run queries against multiple SQL Servers at once

    This month for T-SQL Tuesday #101 Jens Vestergaard asks us to blog about the essential tools in our SQL Toolbelt. http://t-sql.dk/?p=1947 The concept of a Central Management Server (CMS) is one I’ve been meaning to blog about for a while – just because I get the impression not a lot of people know about it… Read more

  • TDE – Regenerating the Database Encryption Key

    As discussed in the last post, with TDE (Transparent Data Encryption), you generally do not need to change the Database Encryption Key (DEK) as it is separately protected by a certificate in the master database and you can rotate the certificate periodically. Rotating TDE Certificates without re-encrypting data As also mentioned, if you did need… Read more

  • Rotating TDE Certificates without re-encrypting data

    I talked previously about why we have each of the layers in the encryption hierarchy used to support TDE (Transparent Data Encryption). Understanding Keys and Certificates with Transparent Data Encryption (TDE) At the time I mused about why we need the encryption key in the database itself, rather than just encrypting with the keys associated… Read more