Password protect sql database backups in maintenance plan

1.3k views Asked by At

I have a microsoft sql server database (2012) and its currently being backed up using maintenance plans. I have a full back up, differential back up and transaction logs backup in my plan. For security reason i would like to add password protection on these files. Is there any way to achieve this within my maintenance plan? Thanks in advance.

1

There are 1 answers

0
AudioBubble On BEST ANSWER

I found this link and it will work for me (for now at least). https://msdn.microsoft.com/en-us/library/bb934049.aspx

The following is from Microsoft Website

Transparent Data Encryption (TDE)

Transparent Data Encryption (TDE) encrypts SQL Server and Azure SQL Database data files, known as encrypting data at rest. You can take several precautions to help secure the database such as designing a secure system, encrypting confidential assets, and building a firewall around the database servers. However, in a scenario where the physical media (such as drives or backup tapes) are stolen, a malicious party can just restore or attach the database and browse the data. One solution is to encrypt the sensitive data in the database and protect the keys that are used to encrypt the data with a certificate. This prevents anyone without the keys from using the data, but this kind of protection must be planned in advance.

TDE performs real-time I/O encryption and decryption of the data and log files. The encryption uses a database encryption key (DEK), which is stored in the database boot record for availability during recovery. The DEK is a symmetric key secured by using a certificate stored in the master database of the server or an asymmetric key protected by an EKM module. TDE protects data "at rest", meaning the data and log files. It provides the ability to comply with many laws, regulations, and guidelines established in various industries. This enables software developers to encrypt data by using AES and 3DES encryption algorithms without changing existing applications.