Solved

MS-SQL 2008 Standard - define the security for internal data

Posted on 2016-11-09
4
41 Views
Last Modified: 2016-11-15
Hi database gurus,

I'm looking for a technology for securing data inside a database. Is there is any way there we can secure data by protective marking ?
Any help tips guidance and references are highly appreciated.

I have found it can be done using SQL views and Custom app code. But there would be some disadvantages, further found there will be a security featured implemented in SQL 2016 called "Raw Level Security" but in my case I have MS-SQL 2008 Standard.

Please shed some lights on the situation.

Thanks in advance !
0
Comment
Question by:Shakthi777
  • 2
4 Comments
 
LVL 16

Accepted Solution

by:
Pawan Kumar Khowal earned 500 total points
Comment Utility
I think you should try out the column level security for data for Transparent Data Encryption ( TDE ) for data files and backups.

https://www.mssqltips.com/sqlservertip/2431/sql-server-column-level-encryption-example-using-symmetric-keys/

https://msdn.microsoft.com/en-us/library/bb934049.aspx

Hope it helps !!
0
 
LVL 45

Expert Comment

by:Vitor Montalvão
Comment Utility
What kind of security do you want?
Filter the data by user type (like, each user can only see his own data or maybe some few data more)?
Protect the data from hackers?
Other?
0
 

Author Comment

by:Shakthi777
Comment Utility
The database contents must be with protective marking.
0
 
LVL 45

Expert Comment

by:Vitor Montalvão
Comment Utility
So any user that access to the database can view all the data and what you need is to protect the database from non-authorized users, right?
Then best protection is always keep the server in a exclusive room and set the right permissions on the AD for only authorized users can access remotely the machine. Plus the necessary firewalls and then you can think in encrypting the database and also the backups.
This will make the hackers life harder.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
Familiarize people with the process of retrieving data from SQL Server using an Access pass-thru query. Microsoft Access is a very powerful client/server development tool. One of the ways that you can retrieve data from a SQL Server is by using a pa…
Viewers will learn how to use the INSERT statement to insert data into their tables. It will also introduce the NULL statement, to show them what happens when no value is giving for any given column.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now