1
SQL Server 2016 Security Features
Sam Nasr, MCSA, MVP
NIS Technologies
February 3, 2018
2
Introduction
Sam Nasr
Software Developer (since 1995)
Sr. Software Engineer (NIS Technologies)
Certifications: MCSA, MCAD, MCT, MCTS
President - Cleveland C#/VB.Net User Group
President - .Net Study Group
INETA Community Champ (2010, 2013)
Author for Visual Studio Magazine
Microsoft Most Valuable Professional (since 2013)
3
Cleveland C#/VB.Net User Group
Meets every month
Free of charge, open to the public
Meeting info:
Meeting Space courtesy of
Pizza and drinks courtesy of
4
Housekeeping
Bathrooms
Forum for learning: feel free to ask questions
Cell phones on vibrate please
5
Agenda
Dynamic Data Masking (DDM)
"Always Encrypted"
Row-Level Security
6
DDM (Dynamic Data Masking)
Hides specific portions of a column
Users can be granted UNMASK rights
Can be added to existing tables or during CREATE
Does not work with encrypted values (encrypted in the app or with Always Encrypted)
7
DDM Functions
Default:
  String: XXXX
  Numeric/Binary: 0000
  Date/time: :00:
Random: mask numeric values using a random value.
Partial:
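The masking functions and the UNMASK permission from the two DDM slides above, as an added T-SQL example that is not part of the original deck. The table dbo.Customer, the user ReportReader and the sample row are constructed for illustration.

```sql
-- Added example: constructed table, user and data (not from the original deck).
-- Masks defined during CREATE: default() on a string, random() on a numeric.
CREATE TABLE dbo.Customer (
    CustomerId  INT IDENTITY PRIMARY KEY,
    FullName    NVARCHAR(100) MASKED WITH (FUNCTION = 'default()') NOT NULL,
    CreditScore INT MASKED WITH (FUNCTION = 'random(300, 850)') NULL,
    SSN         CHAR(11) NULL
);

-- Mask added to an existing column: partial(prefix, padding, suffix)
-- exposes no leading characters and only the last four.
ALTER TABLE dbo.Customer
    ALTER COLUMN SSN ADD MASKED WITH (FUNCTION = 'partial(0,"XXX-XX-",4)');

-- Constructed sample row.
INSERT INTO dbo.Customer (FullName, CreditScore, SSN)
VALUES (N'Pat Example', 712, '123-45-6789');

-- A low-privilege reader: SELECT on the table, but no UNMASK.
CREATE USER ReportReader WITHOUT LOGIN;
GRANT SELECT ON dbo.Customer TO ReportReader;

-- Without UNMASK the reader gets masked values for all three columns.
EXECUTE AS USER = 'ReportReader';
SELECT FullName, CreditScore, SSN FROM dbo.Customer;
REVERT;

-- UNMASK is granted per user; the same query now returns the stored values.
GRANT UNMASK TO ReportReader;
EXECUTE AS USER = 'ReportReader';
SELECT FullName, CreditScore, SSN FROM dbo.Customer;
REVERT;

-- Remove the permission again once it is no longer needed.
REVOKE UNMASK FROM ReportReader;

-- Audit which columns carry a mask and which function each one uses.
SELECT OBJECT_NAME(object_id) AS table_name,
       name                   AS column_name,
       masking_function
FROM sys.masked_columns;
```

The stored data is never changed by a mask; only the result set returned to users without UNMASK is altered, so the owner and db_owner members still see real values.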
8
Demo
Demo #1
9
Always Encrypted
A client-side encryption technology
Data is automatically encrypted when written and decrypted when read by the app
Requires the client app to use an Always Encrypted–enabled driver
The client requires access to the encryption key
Other apps can query the data but cannot use it without the encryption key
The SQL Server instance never sees the unencrypted version of the data
10
Always Encrypted – Setup
Create Column Master Key Definition
Create Column Encryption Key
11
Column Master Key
Stored in a Windows certificate store
3rd Party Hardware Security Module (HSM)
Requires Enterprise Edition
Azure Key Vault
Created via SSMS or T-SQL
12
Column Master Key - Setup
Create on trusted machines, but not on the server
Right-click CMK Folder -> New Column
Export CMK to all clients
Web Server for web apps
13
Column Encryption Keys - Setup
Right-click CEK -> New CEK
14
Always Encrypted
To insert/update encrypted data:
Right-click in Query Window (not menu) -> Options
Execution -> Advanced
15
Always Encrypted
To view unencrypted data:
16
Demo
Demo #2
17
Gotchas
Random DDM may display actual value if random value matches actual value.
Use SSMS v17.4 for Row Level Security Parameterization
Always Encrypted: Other apps can query data but cannot use it without encryption key
18
Conclusion
Let's recap…
19
References
Editions and supported features of SQL Server 2016
Configure Always Encrypted using SQL Server Management Studio
Always Encrypted (client development)
Introducing SQL Server 2016 (Free e-book)
20
Contact Info
@SamNasr
Thank you for attending!