Solved

Default encryption level for SQL server 2008 R2

Posted on 2014-03-27
11
305 Views
Last Modified: 2014-05-16
If i wanted to encrypt data in SQL server 2008 R2 what level of encryption would SQL use by default?
0
Comment
Question by:iamuser
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
11 Comments
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 39960561
It depends.  Are you talking about TDE or Column level encryption?
0
 

Author Comment

by:iamuser
ID: 39960599
Is there one that SQL server defaults to? When I mean encryption I mean 3des, aes and etc

John
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 39960701
You have to be talking about Column level encryption and not TDE.

But to answer your question, there is no default you get to choose the most appropriate encryption to be used among around a dozen algorithms.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:iamuser
ID: 39969563
is there a way for me to tell what encryption is being used then?
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 39970881
Have you looked at the code?
0
 

Author Comment

by:iamuser
ID: 39971006
That's the thing, it's not my code and I'm very versed in code. But upper management wants to know.
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 39973930
So your question is, you have some data and you would like to know that encryption algorithm was used?  If so, the answer is there is no way of knowing unless perhaps you were a hacker in which case you would not be asking the question here.
0
 

Author Comment

by:iamuser
ID: 39976708
This:

"So your question is, you have some data and you would like to know that encryption algorithm was used? "

Is exactly it. We are going through PCI compliance and  our PCI consultant spoke with upper management and said that we need to know what the encryption level is for the data that's being encrypted (contains CC information). I'm not very familiar with data encryption but the jest of the conversation is that if it's 3DES then we have to change it to AES. The way the software works is that they use 3DES to encrypt a master key then use that to encrypt the systemic key, which is then used to encrypt the data. That however is not good enough.
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 39976908
Then my answer still stands:  Without seeing the code there is no way for you to know.
0
 

Author Comment

by:iamuser
ID: 39976910
So in other words only the developers of the application can tell me
0
 
LVL 75

Accepted Solution

by:
Anthony Perkins earned 500 total points
ID: 39976969
Yes, anyone who has access to the code can tell you.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
Via a live example, show how to extract insert data into a SQL Server database table using the Import/Export option and Bulk Insert.
Via a live example, show how to backup a database, simulate a failure backup the tail of the database transaction log and perform the restore.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question