Microsoft-sql-encryption-page-banner

Microsoft SQL Server Encryption

CipherTrust SQL Server encryption protects sensitive data in Microsoft SQL Server databases

MSSQL Encryption

SQL databases – the traditional technology for managing structured data – are often the largest repository of sensitive data within an organization. Data of fixed length or format such as credit card or social security numbers live in columns beside e-mail addresses and other useful personal data all held in the same file.

But storing all of this data in one place makes it an attractive target for anyone looking to exploit and benefit from this sensitive data

Whether your goal is to secure intellectual property, comply with privacy or regulatory mandates, or simply guard the organization’s brand against reputational damage, SQL server database encryption is critical. The CipherTrust Data Security Platform for Microsoft SQL server encryption enables you to encrypt and secure sensitive assets in your Microsoft SQL Server databases, while avoiding the challenges traditionally associated with this form of encryption.

  • Challenges
  • Solutions
  • Benefits

Performance Impacts with SQL Server TDE

Microsoft SQL Server offers Transparent Database Encryption (TDE) functionality, which performs all encryption operations within the database itself. This results in a significant impact on database server resources

Administrative Complexity of Using SQL Server TDE

In most organizations, MS SQL Server will be just one of a number of areas where encryption is needed. Because SQL Server TDE only supports SQL Server encryption, this means separate products, training and workflows for multiple encryption implementations, increasing the cost and administrative effort associated with server encryption.

Inefficient and Complex Key Management

SQL Server TDE only offers minimal capabilities for managing encryption keys. Given that each instance of SQL Server requires a separate encryption key, having separate, disparately supported key managers results in a high degree of complexity, and exacerbates the risks of having keys lost or stolen.

CypherTrust Transparent Encryption

CypherTrust Transparent Encryption offers the capabilities you need to employ strong database encryption, with minimal effort and performance implications. With CypherTrust Transparent Encryption, you can secure sensitive assets in your Microsoft SQL Server databases, and in all the other databases running across your enterprise.

CipherTrust Application Encryption

For organizations that need to apply more granular encryption, including at the column or field level within databases, Thales offers CypherTrust Application Encryption, which simplifies the integration of encryption into existing corporate applications. The product features standards-based APIs, which are used to perform cryptographic and key management operations.

CipherTrust Manager

For enterprises that have chosen to use SQL Server TDE in their SQL Server environments, Thales offers secure and efficient cryptographic key management. CipherTrust Manager can centrally manage keys for SQL Server TDE, all Thales CipherTrust products, Oracle TDE, and other Key Management Interoperability Protocol (KMIP) compliant encryption platforms. As a result, organizations can centrally and securely manage all their encryption keys, while streamlining key administration.

Encryption for all Enterprise Databases

While SQL Server TDE can protect data within the database, CipherTrust’s SQL Server database encryption solutions secure data both inside and outside of the database. We also provide database encryption for IBM DB2, Oracle, MySQL, NoSQL, and Sybase. Thales CipherTrust solutions secure data on Windows, Linux, and UNIX operating systems, and they offer coverage of physical, virtual, and cloud-based servers.

Operational Efficiency

By offering a single console for managing encryption policies and cryptographic keys across a number of environments and technologies, CipherTrust encryption solutions from Thales minimize administrative overhead. With this unified coverage, Thales helps security teams avoid database encryption silos, reduce costs, and apply security policies more broadly and consistently.

Robust, Scalable Performance That Meets Your Requirements

Compared to SQL Server TDE, CypherTrust encryption offers far superior performance. With CypherTrust’s Oracle encryption solution, encryption and decryption are performed at the optimal location: in the file system or volume manager. Further, the CipherTrust SQL encryption solution can take advantage of microprocessor encryption technology, such as Intel AES-NI, to further minimize the performance overhead of encryption.

  • Related Resources