Solved

MS-SQL 2008 Standard - define the security for internal data

Posted on 2016-11-09
4
79 Views
Last Modified: 2016-11-15
Hi database gurus,

I'm looking for a technology for securing data inside a database. Is there is any way there we can secure data by protective marking ?
Any help tips guidance and references are highly appreciated.

I have found it can be done using SQL views and Custom app code. But there would be some disadvantages, further found there will be a security featured implemented in SQL 2016 called "Raw Level Security" but in my case I have MS-SQL 2008 Standard.

Please shed some lights on the situation.

Thanks in advance !
0
Comment
Question by:Shakthi777
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 29

Accepted Solution

by:
Pawan Kumar earned 500 total points
ID: 41881599
I think you should try out the column level security for data for Transparent Data Encryption ( TDE ) for data files and backups.

https://www.mssqltips.com/sqlservertip/2431/sql-server-column-level-encryption-example-using-symmetric-keys/

https://msdn.microsoft.com/en-us/library/bb934049.aspx

Hope it helps !!
0
 
LVL 51

Expert Comment

by:Vitor Montalvão
ID: 41881779
What kind of security do you want?
Filter the data by user type (like, each user can only see his own data or maybe some few data more)?
Protect the data from hackers?
Other?
0
 

Author Comment

by:Shakthi777
ID: 41881785
The database contents must be with protective marking.
0
 
LVL 51

Expert Comment

by:Vitor Montalvão
ID: 41881820
So any user that access to the database can view all the data and what you need is to protect the database from non-authorized users, right?
Then best protection is always keep the server in a exclusive room and set the right permissions on the AD for only authorized users can access remotely the machine. Plus the necessary firewalls and then you can think in encrypting the database and also the backups.
This will make the hackers life harder.
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against  DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question