SQL Server 2016 Security Features

Slides:



Advertisements
Similar presentations
Visualize Success 2011 Tony Gunter Professional Services Visual South, Inc. Advanced Browse and Excel Interface.
Advertisements

Introduction to HTML5 By Sam Nasr, MCAD, MCT, MCTS, MVP Nasr Information Systems October 22, 2013.
Power BI Sites and Mobile BI. What You Will Learn Sharing and Collaboration Introducing Power BI Exploring Power BI Features and Services Partner Opportunities.
By Sam Nasr Nasr Information Systems May 14, 2013.
Overview and Roadmap for Microsoft SQL Server Security
Enterprise Reporting with Reporting Services SQL Server 2005 Donald Farmer Group Program Manager Microsoft Corporation.
OM. Brad Gall Senior Consultant
Jim McLeod MyDBA  SQL Server Performance Tuning Consultant with MyDBA  Microsoft Certified Trainer with SQLskills Australia 
We will start soon. Feel free to ask (chat window) anything you want before we start.
CRM in Education: Raising Standards. Saving Time. Presented by: Daniel Petersen Director of Business Solutions Applied Tech.
Intro to Datazen.
SQL Server Evolution New innovations Jen Underwood Sr. Program Manager of Business Intelligence & Analytics Microsoft George Walters Sr. Technical Solutions.
Level 300 System Center App Controller 2012 Marin Franković, Visoko učilište Algebra.
14 New T-SQL Functions By Sam Nasr, MCAD, MCT, MCTS NIS August 18, 2012.
14 New T-SQL Functions By Sam Nasr, MCAD, MCTS. MVP Nasr Information Systems February 8, 2014.
End to End Always Encrypted in SQL Server 2016 Steve Jones SQLServerCentral Redgate Software.
BI Development By Sam Nasr, MCAD, MCT, MCTS Nasr Information Systems February 5, 2011.
Putting Your Head in the Cloud Working with SQL Azure David Postlethwaite 18/06/2016David Postlethwaite.
ASP.NET Core* Shahed Chowdhuri Sr. Technical WakeUpAndCode.com Deploying Your Web Apps * aka ASP.NET 5 before RC1.
Intro to Azure SQL Databases. INTRO TO AZURE SQL DATABASES Mike Fal.
SQL Database Management
Azure SQL Database Updates
Securing Your Data With SQL 2016 (An overview of Always Encrypted)
FileTables Sam Nasr, MCAD, MCTS, MVP NIS Technologies
Programming with FileStream Object
DYNAMIC CONTENT DELIVERY
Temporal Tables Sam Nasr, MCSA, MVP NIS Technologies July 22, 2017
Hiding Data from Prying eyes: Using SQL Server 2016 Always Encrypted
Data Platform and Analytics Foundational Training
SharePoint Hybrid Capabilities
What are they? The Package Repository Client is a set of Tcl scripts that are capable of locating, downloading, and installing packages for both Tcl and.
Long Business Systems, Inc
Data Virtualization Demoette… ADO.NET Client
6/16/2018 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
2010 Microsoft BI Conference
Building Applications with LUIS
Solving the Hard Problems
FileTables By Sam Nasr, MCAD, MCT, MCTS NIS October 6, 2012
Using FileTables Sam Nasr, MCSA, MCT, MVP NIS Technologies
Encryption in SQL Server
Digital Forensics 2 Lecture 2A: Obfuscation and Synchronization of
Using FileTables Sam Nasr, MCAD, MCTS, MVP NIS Technologies
Data Virtualization Community Edition
Always Encrypted, Data Masking, Row Level Security
Always Encrypted in the Real World
14 T-SQL Functions You May Not Know
Security enhancements in SQL Server 2016
Encrypting Data within SQL Server
SharePoint Essentials Toolkit
Beginners 101 Guide To Always Encrypted
Brandon Lukes SSMS Tips and Tricks.
Security Enhancements in SQL Server 2016
End to End Security and Encryption in SQL Server
14 T-SQL Functions You May Not Know
Patrick Flynn | Link Group Australia
Integrating REST API and SQL Server JSON Functions
Power BI with Analysis Services
SQL Server 2016 Security Features
Rich Benner SQL Server Performance Richbenner.com.
What is New in SQL Server 2016 BI Stack
Data Time Travel with Temporal Tables
Overview of Databases and Salesforce Chapter 1
Michelle Haarhues Keeping up with SSMS.
The Force Within Management Data Warehouse
Boston Code Camp – April 2019 Jason Haley
Using FileTables Sam Nasr, MCSA NIS Technologies August 3, 2019.
Data Time Travel with Temporal Tables
Preparing for the Windows 8.1 MCSA
Data Time Travel with Temporal Tables
Presentation transcript:

SQL Server 2016 Security Features Sam Nasr, MCSA, MVP NIS Technologies February 3, 2018

Introduction Software Developer (since 1995) Sam Nasr (@SamNasr) Software Developer (since 1995) Sr. Software Engineer (NIS Technologies) Certifications: MCSA, MCAD, MCT, MCTS President - Cleveland C#/VB.Net User Group President - .Net Study Group INETA Community Champ (2010, 2013) Author for Visual Studio Magazine Microsoft Most Valuable Professional (since 2013)

Cleveland C#/VB.Net User Group Meets every month Free of charge , open to the public Meeting info: https://www.meetup.com Meeting Space courtesy of Pizza and drinks courtesy of

Housekeeping Bathrooms Forum for learning: feel free to ask questions Cell phones on vibrate please

Agenda Dynamic Data Masking (DDM) "Always Encrypted“ Row-Level Security

DDM (Dynamic Data Masking) Hide specific portions of a column Users can be granted UNMASK rights Can be added to existing tables or during CREATE Does not work with encrypted values DDM does not work with encrypted values (encrypted in app or Always Encrypted).

DDM Functions Default: String: XXXX Numeric/Binary: 0000 Date/time: 01.01.2000 00:00:00.0000000 Email: aXXX@XXXX.com Random: mask numeric values using a random value. Partial:

Demo Demo #1

Always Encrypted A client-side encryption technology Auto encrypt when data is written/read by app Requires client app to use an Always Encrypted–enabled driver Client requires access to the encryption key. Other apps can query data but cannot use it without encryption key SQL Server instance never sees the unencrypted version of the data.

Always Encrypted – Setup Create Column Master Key Definition Create Column Encryption Key

Column Master Key Stored in a Windows certificate store 3rd Party Hardware Security Module (HSM) Requires Enterprise Edition Azure Key Vault Created via SSMS or T-SQL

Column Master Key - Setup Create on Trusted Machines, but not on Server RT-Click CMK Folder -> New Column Export CMK to all clients Web Server for web apps

Column Encryption Keys - Setup RT-Click CEK -> New CEK

Always Encrypted To insert/update encrypted data RT-Click in Query Window (not menu) ->Options Execution -> Advanced

Always Encrypted To view unencrypted data:

Demo Demo #2

Gotchas Random DDM may display actual value if random value matches actual value. Use SSMS v17.4 for Row Level Security Parameterization Always Encrypted: Other apps can query data but cannot use it without encryption key

Conclusion Let’s recap…

References Editions and supported features of SQL Server 2016 https://docs.microsoft.com/en-us/sql/sql-server/editions-and-components-of-sql-server-2016 Configure Always Encrypted using SQL Server Management Studio https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/configure-always-encrypted-using-sql-server-management-studio#param Always Encrypted (client development) https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/always-encrypted-client-development Introducing SQL Server 2016 (Free e-book) https://blogs.msdn.microsoft.com/microsoft_press/2016/02/02/free-ebook-introducing-microsoft-sql-server-2016-mission-critical-applications-deeper-insights-hyperscale-cloud-preview-2/

Contact Info snasr@nistechnologies.com @SamNasr http://www.linkedin.com/in/samsnasr Thank you for attending!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.