patternMinor
SharePoint 2013 Database encryption
Viewed 0 times
databasesharepoint2013encryption
Problem
I'm using SharePoint 2013 with SQL Server 2012 as persistence layer. I need to encrypt the data stored in the database. I stumbled upon the SQL Server feature Transparent Data Encryption (TDE).
What will happen to the files (Office Documents) from the document libraries, when TDE is used? Are the files encrypted also or will only tables be encrypted?
What will happen to the files (Office Documents) from the document libraries, when TDE is used? Are the files encrypted also or will only tables be encrypted?
Solution
The files are stored in a blob in the sharepoint database and as TDE encrypts all the pages in the database all the files will be encrypted there within.
It's important to notice that while the database is mounted on the server the database server will serve the files unencrypted to the Sharepoint application server and it's clients.
The Sharepoint binary cache will store them unencrypted as well as all the clients. You are only encrypting the data at rest on the SQL Server when using TDE.
You can add to the security by using encrypted connections to the database server and HTTPS to connect to the Sharepoint application but after the files leave the database storage they will be unencrypted.
It's important to notice that while the database is mounted on the server the database server will serve the files unencrypted to the Sharepoint application server and it's clients.
The Sharepoint binary cache will store them unencrypted as well as all the clients. You are only encrypting the data at rest on the SQL Server when using TDE.
You can add to the security by using encrypted connections to the database server and HTTPS to connect to the Sharepoint application but after the files leave the database storage they will be unencrypted.
Context
StackExchange Database Administrators Q#104852, answer score: 3
Revisions (0)
No revisions yet.