Proprietary data in SQL2005

I'm trying to understand what I can do to protect proprietary data in SQL
2005. I have an application that currently uses Paradox and I plan to move
it to SQL 2005. Most users will start off with SQL 2005 Express, but will
eventually move to a 'full' version of SQL Server. Paradox allows me to
encrypt whole tables. I know it's not very good security because someone
can still do memory dumps etc. but in combination with licensing agreements
it's probably sufficient in my case to protect proprietary data stored in
the database. Can I achieve something similar in SQL 2005?
I see that I can encrypt data in specific columns, but I'm guessing that
those columns can't be indexed? (Or if they were indexed, it would have to
be the encrypted values rather than the original unencrypted values that
would actually be indexed thus making the indexing less useful)? It doesn't
seem like there's any way to encrypt a whole table?
In some of the stuff I've read, I get the sense that if I create a named
instance of a new SQL Server (Standard or Express), I can set up my instance
to only use SQL Authentication. Then I can prevent the Computer Admin of
the machine where SQL Server is installed from using his/her Windows
Authentication to access the database or named instance of the server. The
only way to configure the server or it's databases would be to know the SA
password and use SQL Authentication to log into the SQL server instance. Is
this correct? And, what does this gain me? How hard would it be to take
the database from my named instance and move it to a different SQL Server
Instance and then gain access to it?Hi,
Thanks for using Microsoft Online Managed Newsgroup.
From your description, I understand that:
You wanted to know:
1. if you can encrypt a whole table in SQL Server 2005;
2. if you can set up your SQL Server instance only use SQL Authentication;
3. how you can move your database from your named instance to a different
SQL Server instance and gain access to it.
If I have misunderstood, please let me know.
For your first question, by now there has been no such setting to encrypt a
whole table in SQL Server. You can encrypt a particular column in a table
by using a key or a certificate. You may refer to:
Improving Data Security by Using SQL Server 2005
http://www.microsoft.com/technet/it...tsec.mspx#EYAAC
For your second question, I would like to let you know that SQL Server has
only two authentication mode: one is Windows Authentication mode; the other
is Mixed Authentication mode (include Windows Authentication and SQL
Authentication). So Windows authentication will be always used by SQL
Server. Any trusted connections or local users can access your SQL Server,
however they will not have permissions to access databases if they are not
members of local administrators group and if you do not assign permissions
to them.
For your last question, I recommend that you:
1. Fully backup all of your user databases and logs;
2. Restore the databases to your new SQL Server instance;
3. Transfer SQL Server logins and passwords to the new SQL Server instance.
Please refer to:
How to transfer logins and passwords between instances of SQL Server
http://support.microsoft.com/kb/246133/en-us
Also, I strongly recommend that you refer to this article for more
information:
How to move databases between computers that are running SQL Server
http://support.microsoft.com/kb/314546/en-us
Besides, for SQL Server 2005 instance, you can also use Copy Database to
move the databases:
Using the Copy Database Wizard
http://msdn2.microsoft.com/en-us/library/ms188664.aspx
If you are very concerned with the table level encryption, I recommend that
you give Microsoft feedback via the link:
https://connect.microsoft.com/SQL
Your feedback will be routed to SQL team so that this feature will probably
be included in the next release.
Look forward to your reply. If you have any other questions or concerns,
please feel free to let me know. It is my pleasure to be of assistance.
Charles Wang
Microsoft Online Community Support
========================================
==============
When responding to posts, please "Reply to Group" via your newsreader
so that others may learn and benefit from this issue.
========================================
==============
This posting is provided "AS IS" with no warranties, and confers no rights.
========================================
==============|||Hi,
What is everything going on? Please feel free to let me know if you need
further assistance.
Have a great day!
Sincerely yours,
Charles Wang
Microsoft Online Community Support