To continue with this content, please log in with your Data Access ID or create a new account.
Cancel Data Access ID
You may not be authorized to see this content. Please contact Data Access Europe for more information.
Cancel Data Access Europe
You are not authorized to see this content.
Cancel Data Access Europe
Next lesson:
Encryption Symmetric key encryption seclib

Security the Basics

Lesson 9: Data at Rest

Data at rest is data that is not being actively used. It can be data on a hard drive, in log files, copies on a database or in backups.

Full disc encryption is the safest and easiest thing to do to make sure all backups are secure, and it does not impact performance. Bitlocker is a recommended option for full disc encryption. Note: do not lose the key because without it everything is lost. 

SQL server has encryption options that go beyond full disc encryption. One is transparent data encryption (TDE). TDE is very useful, but is for the entire database server, not just a single database. It also protects backups and files that are online. Another option within SQL server is the highly advanced always on encryption. This type of encryption will protect file stream data; being transferred across the network, for example. Note that this is not currently available with the connectivity kit. It can be manually applied with code changes, however, and the security library can assist in doing so.