Data security remains a top concern among technology executives – the majority of whom plan to invest heavily in safeguarding their IT assets. Microsoft is also stepping up its security game with the introduction of SQL Server 2016. The next version of Microsoft SQL Server includes Always Encrypted – an additional layer of security that keeps personally identifiable data such as Social Security numbers, private healthcare data or credit card data protected, even when the data is being used. HOSTING delves into the details of the security enhancements found in Microsoft SQL Server 2016.
Microsoft SQL Server 2016 with Always Encrypted
Always Encrypted protects data in motion and at rest. It also adds an extra security measure when data is actually being used – the point at which data can be most susceptible to attack, according to Ken Eguro, a Microsoft researcher who was part of the technology development team. The new security layer addresses that risk factor by keeping data encrypted during transactions and computations.
With Always Encrypted, SQL Server can perform operations on encrypted data with the encryption key residing with the application in the customers trusted environment. Encryption and decryption of data happens transparently inside the application which minimizes the changes that have to be made to existing applications.
While Always Encrypted keeps data encrypted throughout its lifecycle, it also provides decryption keys only to the client. If any unauthorized person – including a database or system administrator – tries to access a client database, they will be unable to unlock the data inside.
According to Bala Neerumalla, principal software engineer with SQL Server, Always Encrypted improves security in two ways.
“We reduce the attack’s surface area, and the number of people who have access to the data goes down,” Neerumalla explains.
With Always Encrypted, data is inherently more secure. Since the client is the only one holding the decryption keys, they feel comfortable knowing that their customers’ personal data is secure, regardless of whether it is being stored in cloud-based servers or on the clients’ on-premises servers. For organizations that understand the advantages of moving to the cloud, but want assurances that their data will still be safe, Always Encrypted is an ideal solution.
While SQL Server 2016 boasts enhanced security measures, it is also designed to be user-friendly.
“For most people using the system, it will be no different than what they were doing before. All of the complexity needed to make things work is hidden from the user,” Eguro notes.
Microsoft SQL Server Expertise from HOSTING
Have questions about Microsoft SQL Server? HOSTING Microsoft SQL Server experts stand ready to discuss the latest security features and enhancements this powerful database provides. Contact us anytime to talk about your data security goals. Our on-demand webinar, Taking the Pain Out of SQL Server Upgrade, can provide you with expert information and insights as well.