Skip to content
Tags

,

SQL Azure Database has No Encryption In Place

2014/08/25

[This is part Nine of Top 10 Things You Will Hate About Azure SQL Database]

Top109

Currently there is no way to encrypt at rest data in Azure SQL Database. The data in the pipeline is encrypted using SSL, but if you want to obscure the data in the database there is no mechanism for this. As for encrypting the database files themselves I’m not even sure this makes sense given the platform as a service configuration. While I do know that some companies have used the lack of column level encryption as an excuse not to move to SQL Database I don’t think most will even notice.

When you consider that most DBAs believe their number one job is to protect the company’s data I am surprised that more data is not encrypted. I don’t just mean in SQL Server, but in all aspects of IT. It is interesting to me that encryption, a technology that has been around for decades, has not caught on and isn’t as simple as flipping a switch. Of course in the on premises version of SQL Server we now have the TDE switch which will encrypt the data files while they are at rest. Even this simple mechanism for securing the files supporting a database (the data files and the backup files) is still not used consistently and is not understood by many IT professionals.

Whenever I am on a SQL Server project that looks at using Symmetric or Asymmetric keys to encrypt data the team is always more interested in how it will affect performance than anything else. I don’t think I have ever been asked to describe the levels of encryption or how secure it will make the data. Often the encryption options are replaced with using database roles and views to prevent users form accessing data.

I’ve sort of veered off topic a little, but while I was considering the fact that SQL database has no encryption features I started wondering if this is the show stopper that I want it to be. I believe that column level encryption will eventually get added at some point and it will be interesting to see how often it is used.

 

Advertisements

From → SQL Server

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s