Data protection through encryption

Data that is stored on a physical media can be a target of unauthorized access attack. The physical media might be stolen, or the data might be accessed remotely. While you can use physical and computer security methods to protect your data from these types of attacks, encrypting the data offers more protection by preventing an attacker from reading the stolen files.

Encrypting the data is only effective if the attacker is not able to hijack computer accounts or passwords that were used to protect the data in the first place. Data that is stored in Microsoft SQL Server database files can be protected by using various encryption methods, such as:
  • Hard disk drive encryption
  • Encrypted file system
  • Transparent data encryption (TDE) - which is a feature of MS SQL Server Enterprise Edition
  • Cell encryption, which is done by encrypting individual columns in the tables of the database

Cell encryption is the method that is least dependent on the computer that hosts the database server, and can be used by any application that has access to the database because the data that is being written is encrypted by the application. However, this method has a significant impact on the application performance, and Microsoft cautions against using this method and suggests Transparent Data Encryption (TDE) as the alternative.

To improve product performance, AppScan® Enterprise no longer uses cell encryption. For some organizations, the cell encryption that was provided by AppScan® Enterprise was an added layer of protection in addition to existing data encryption measures required by their organizational standards, and so the data would remain protected in these situations.

For organizations that have not used any additional data encryption methods other than what was provided through cell encryption by AppScan® Enterprise, read the information in the Related Links section about how to enable data encryption and protect your data: