0%

This in-depth look at the encryption tools available in SQL Server shows you how to protect data by encrypting it at rest with Transparent Data Encryption (TDE) and in transit with Transport Level Security (TLS). You will know how to add the highest levels of protection for sensitive data using Always Encrypted to encrypt data also in memory and be protected even from users with the highest levels of access to the database. The book demonstrates actions you can take today to start protecting your data without changing any code in your applications, and the steps you can subsequently take to modify your applications to support implementing a gold standard in data protection.

The book highlights work that Microsoft has been doing since 2016 to make encryption more accessible, by making TDE available in the standard edition, and the introduction of Always Encrypted that requires minimal work on your part to implement powerful and effective encryption, protecting your data and meeting regulatory requirements. The book teaches you how to work with the encryption technologies in SQL Server with the express goal of helping you understand those technologies on an intuitive level. You’ll come away with a deep level of understanding that allows you to answer questions and speak as an expert. The book’s aim is to make you as comfortable in deploying encryption in SQL Server as you would be in driving your car to buy groceries. 

Those with a data security mindset will appreciate the discussion of how each feature protects you and what it protects you from, as well as how to implement things in the most secure manner. Database administrators will appreciate the high level of detail around managing encryption over time and the effect of encryption on database performance. All readers will appreciate the advice on how to avoid common pitfalls, ensuring that your projects to implement encryption run smoothly.


What You Will Learn
  • Architect an effective encryption strategy for new applications
  • Retrofit encryption into your existing applications
  • Encrypt data at rest, in memory, and in transit
  • Manage key and certificate life cycles, including backup and restore
  • Recover encrypted databases in case of server failure
  • Work with encryption in cloud-based scenarios


Who This Book Is For

Database developers, architects, and administrators who want to work with encryption in SQL Server; those who want to maintain encryption whether data is at rest or being transmitted over the network; and those who wish to encrypt their data even when in the server’s own memory. Readers should be familiar with SQL Server, but no existing knowledge of encryption is assumed.

Table of Contents

  1. Cover
  2. Front Matter
  3. Part I. Understanding the Landscape
  4. Part II. At-Rest Encryption
  5. Part III. Column Encryption using Always Encrypted
  6. Part IV. Column Encryption using Always Encrypted with Enclaves
  7. Part V. Completing the Picture
  8. Back Matter