Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
kumarich1
Yak Posting Veteran
99 Posts |
 Posted - 2009-03-03 : 15:06:57
|
| Hi,I am trying to encrypt existing data (credit card #,SSN, passwords) on sql server. What is the best method to use for this in order to be in PCI compliant? I found some articles on BOL, but all are good for new data nothing specifically tells how to encrypt existing data , the only method I found is using encryptbypassphrase and decryptbypassphrase functions.I would like to hear from DBA's how they accomplished this task.Please advise.Thanks |
|
|
saurabhsrivastava
Posting Yak Master
216 Posts |
Posted - 2009-03-03 : 15:55:41
|
| Are we talking about SQl 2005 or SQl 2008. In both cases when you set up encryption on a column it encrypts all data existing and future. Check this link http://msdn.microsoft.com/en-us/library/ms179331.aspxUnfortunately SQl 2000 has no native capabilities to encrypt column. Ou have to use third party products |
 |
|
|
kumarich1
Yak Posting Veteran
99 Posts |
Posted - 2009-03-03 : 16:23:22
|
| I looked at the article, I don't understand how secured this is, if anybody finds out the certificate and symmetric key, they can decrypt all the data. |
|
|
|
saurabhsrivastava
Posting Yak Master
216 Posts |
Posted - 2009-03-03 : 16:54:34
|
| no matter what algo or software you use all of them uses some or other kind of encryptions keys, even third party products, now its up to you how you secure keys. Because external access your database not folders/files on your system. You can restrict access to folders where key is placed. Security is a protection mechanism and no one can gurantee you 100% secure system in a real world. I would suggest you to define your requirements first and evaluate against available solutions and opt for the best one. |
|
|
|
|
|
|
Encrypt existing data