Avatar of JDL129
JDL129
 asked on

Securing SQL Server 2012

Hey guys!!

I must secure a sqlserver database.  I've read quite a bit about certificates and key but being a newbie to security I'm lost.

I am using 2005 express and 2012 express.

Any help would certainly be appreciated.

Thanks,
Jerry
EncryptionMicrosoft SQL Server

Avatar of undefined
Last Comment
JDL129

8/22/2022 - Mon
Gregory Miller

Securing the server can mean a lot of things. You mention certificates in your question which is really encryption, not really security. Are you trying to simply encrypt the database or are you trying to prevent access? Or both?
JDL129

ASKER
Technodweeb!!!!!  Thanks for the post!!

My main goal is to prevent access to files with patient medical information that are contained in a sql server 2005 express database.  How would be the best way to go about it?

Sorry I'm late answering but the bank screwed up my account and EE was not able to process my payment.

Thanks again!!

Jerry
Gregory Miller

With medical information you need to study up on HIPPA Compliance. I cannot advise you on this topic. As for good first steps to safeguard your data would be to store things that are sensitive in an encrypted fashion as you were speaking of initially.

For the best performance, you could encrypt the data before placing it into the data fields. This would happen on-the-fly and each computer in the network would never feel the performance hit. The other way to do it would be to encrypt the tables in the SQL database itself which will be a much bigger performance hit as every transaction would require an encryption or decryption process to occur. This requires Express 2005 or greater which you have. The only other option would be to encrypt the file system where the database files reside, but this will be even more of a performance hit as every filesystem read and write will be affected.
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
JDL129

ASKER
Thanks for the post!!!!

How would I go about encrypting the data before placing it into the data fields and also how would I go about decrypting it when I read it back into the database.

THANKS!!!!

Jerry
ASKER CERTIFIED SOLUTION
Gregory Miller

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
JDL129

ASKER
WONDERFUL!!!