Home

Encryption

Prev Page Next Page
Introduction
Recovery models
Main backup types
Backing up the database files by copying
The transaction log
Transaction log restore sequence
Log sequence numbers
Truncating and shrinking the transaction log
Backing up the tail
Inside the transaction log
So, what's in a backup file?
Test: A full backup does not contain deleted data
Verifying backup files
Verifying backup files on a budget
Cumulative backups
Recovering individual tables
Backup and restore history details
Backup reads and writes
Speeding up backups
Backup speed details
Speeding up restores
Restore state affects speed too
Backup and restore rights
Log shipping
Log shipping in SQL Server 2000
Setting up log shipping using Enterprise Manager
Checking the set up
Failover
Log shipping in SQL Server 2005
Setting up log shipping using Management Studio
Checking the set up
Log shipping status report
Failover
Log shipping in SQL Backup
Using the CopyTool utility
Failover
3rd party backup applications
VDI
VDI versions
VDI errors
SQL Backup - beyond compression
Restoring a chain of transaction log backups
Restoring to the latest possible state
Backing up multiple databases
Backup retention
Making a copy of the backup file
Backup file naming conventions
Restoring the latest backup set
Network resilience
Encryption
Integrated database verification
Database file relocation
Improved backup retention
RESTORE HELP
High-availability group support
Common SQL Backup issues
Installation checklist
Setting up rights
Configuring service rights
Backup data
Hanging issues
Common backup and restore errors
Error 3201 - when performing a backup to a network share
Full database backup file is larger than database size
Error 3205 - Too many backup devices specified for backup or restore
Error 4305 - an earlier transaction log backup is required
Bringing a database that is in recovery or read-only mode online
Using bulk-logged recovery model but transaction log backup is still large
Error 14274 - unable to delete SQL Server Agent job
Error messages when restoring from different versions of SQL Server.
Pending
vdi error codes
Restore speed details
Help, my transaction log file is huge!
Mirror or log ship



SQL Server 2005 and newer offers the option to encrypt your tables/databases.  If you were to back up a SQL Server 2008 database that contains encrypted data, your backup data is pretty much encrypted.  However, if you tried to back up the data using the COMPRESSION option in SQL Server 2008, the backup data won't be compressed much.  This is because encrypted data simply does not compress well.

What if you wanted to protect the backup data for a database that's unencrypted?  Well, you have the PASSWORD option, but all that does is prevent you from restoring the database if you do not have the right password.  It does nothing to encrypt the backup data itself.

E.g. here's a normal backup:

BACKUP DATABASE pubs TO DISK = 'e:\temp\pubs.bak'

and here's a hex dump of the backup file at offset 120D00H:

 

encryption01

 

Here's a password protected backup:

 

BACKUP DATABASE pubs TO DISK = 'e:\temp\pubs.bak' WITH PASSWORD = 'password'

and here's the hext dump of the backup file at the same offset:

 

encryption02

 

All the PASSWORD option does is require you to enter the password when performing RESTORE operations.  No encryption of the backup data is performed.

 

With SQL Backup, you can encrypt the backup data.  Since encryption is performed after the compression process, you get the benefits of both compression and encryption.  The syntax couldn't be simpler either e.g.

EXEC master..sqlbackup '-sql "BACKUP DATABASE pubs TO DISK = [e:\temp\pubs.sqb] WITH PASSWORD = [password]" '

Encryption is performed using the AES (Rjindael) encryption algorithm, and you can choose between 128-bit and 256-bit key sizes.




Document history
11/4/2010    Initial release.    
 
Copyright 2008 - 2021 Yohz Ventures Sdn Bhd. All rights reserved.
All product and company names are trademarks or registered trademarks of their respective owners.