-
The Cost of not Following the Regulations Around Data
Brent Ozar shared in his weekly links this week a GDPR penalty tracker which makes for thought-provoking reading. Regular readers of this blog will know I have a keen interest in data protection and encryption – on which topic I’ve written a book – so it’s interesting so see some figures of what failing in… Read more
-
Securing the Root Keys for TDE
In this quick post we’re going to look at an additional step you should take to secure your TDE databases. This is a step you won’t find in any other documentation on setting up TDE in SQL Server that I’ve seen, so it probably bears a little explaining. We looked at the encryption hierarchy in… Read more
-
Setting up TDE
Transparent Data Encryption (TDE) is one of the easiest ways of encrypting your data at rest. In the previous posts we looked at what TDE is and how it works. In this post we go through the steps of setting TDE up. You can set up TDE when you first create a database (which we… Read more
-
Identify Unused Indexes across all Databases
I had a request regarding how to identify unused indexes across all databases on a SQL Server instance (rather than just the current one). I’ve written this script before so thought I’d post it up here on my blog for the future use of myself and others. The script uses the undocumented sp_MSforeachdb internal stored… Read more
-
How Secure is TDE?
When we consider how secure a form of encryption is there are two things we want to consider. Let’s discuss each of these in turn. What are We Protected From? TDE encrypts data stored on the file system, so it should be pretty clear that we are trying to protect ourselves from an attacker who… Read more
-
Understanding Keys and Certificates with TDE
When you first look at the encryption hierarchy for TDE in SQL Server it can be a bit daunting. There seem to be a lot of objects involved and it might not be clear why each is required. It can be tempting to skip a full understanding of all the objects and just get on… Read more
