Solved

Default encryption level for SQL server 2008 R2

Posted on 2014-03-27
11
297 Views
Last Modified: 2014-05-16
If i wanted to encrypt data in SQL server 2008 R2 what level of encryption would SQL use by default?
0
Comment
Question by:iamuser
  • 6
  • 5
11 Comments
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 39960561
It depends.  Are you talking about TDE or Column level encryption?
0
 

Author Comment

by:iamuser
ID: 39960599
Is there one that SQL server defaults to? When I mean encryption I mean 3des, aes and etc

John
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 39960701
You have to be talking about Column level encryption and not TDE.

But to answer your question, there is no default you get to choose the most appropriate encryption to be used among around a dozen algorithms.
0
 

Author Comment

by:iamuser
ID: 39969563
is there a way for me to tell what encryption is being used then?
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 39970881
Have you looked at the code?
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:iamuser
ID: 39971006
That's the thing, it's not my code and I'm very versed in code. But upper management wants to know.
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 39973930
So your question is, you have some data and you would like to know that encryption algorithm was used?  If so, the answer is there is no way of knowing unless perhaps you were a hacker in which case you would not be asking the question here.
0
 

Author Comment

by:iamuser
ID: 39976708
This:

"So your question is, you have some data and you would like to know that encryption algorithm was used? "

Is exactly it. We are going through PCI compliance and  our PCI consultant spoke with upper management and said that we need to know what the encryption level is for the data that's being encrypted (contains CC information). I'm not very familiar with data encryption but the jest of the conversation is that if it's 3DES then we have to change it to AES. The way the software works is that they use 3DES to encrypt a master key then use that to encrypt the systemic key, which is then used to encrypt the data. That however is not good enough.
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 39976908
Then my answer still stands:  Without seeing the code there is no way for you to know.
0
 

Author Comment

by:iamuser
ID: 39976910
So in other words only the developers of the application can tell me
0
 
LVL 75

Accepted Solution

by:
Anthony Perkins earned 500 total points
ID: 39976969
Yes, anyone who has access to the code can tell you.
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

Explore the encryption capabilities built into Google Apps and how these features can help you meet privacy policy and regulatory compliance, but are not a full solution. Understand and compare the most popular email encryption services for Google A…
Ever wondered why sometimes your SQL Server is slow or unresponsive with connections spiking up but by the time you go in, all is well? The following article will show you how to install and configure a SQL job that will send you email alerts includ…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Viewers will learn how to use the INSERT statement to insert data into their tables. It will also introduce the NULL statement, to show them what happens when no value is giving for any given column.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now