John Magnabosco
Database Consultant/Solution Architect – SolutionAvenue
President/Co-Founder - Indianapolis Professional Association for SQL Server
Coordinator/Co-Founder – IndyTechFest
Visit my blog at: www.Simple-Talk.com
Download sample scripts and these slides at: www.johnmagnabosco.com

Today’s Presentation
1. Get To Know Your Challenges with Sensitive Data
2. What Is Sensitive Data?
3. Why Protect Sensitive Data?
4. How To Secure Sensitive Data With Code Demonstrations!

What is Sensitive Data?
• Government Assigned ID Data
• Biometric Data
• Medical Data and History
  • Health Insurance Portability and Accountability Act (HIPAA)
• Student Education Data
  • Federal Educational Rights and Privacy Act (FERPA)

What is Sensitive Data?
• Employment Data
• Communication Data
  • Electronic Communications Privacy Act (ECPA)
• Financial Data
  • Right to Financial Privacy Act (RFPA)
• Intellectual Property Data

Why Protect Sensitive Data?
• Guard Against Identity Theft and Fraud
• Ensure Privacy
• Comply with Regulatory Requirements
• Secure Competitive Advantage

Group Dynamics
• Birth Date + Birth Location + Name = Certified Copy of Birth Cert.
• Ancestor Name + Credit Card No. = Access To Credit Card Account
• Vacation Plans + Address = Stolen Personal Property from Home
• Pet Name + User Name = Password for E-Mail Account

How To Secure Sensitive Data
Data Classification
1. Identify classes of sensitivity
   • Public, Internal, Confidential, Top Secret
2. Define security policies according to these classes*
   • This will likely be defined by CIO or ISO rather than DBA
3. Assign a classification to each column in the tables
   • Document with Extended Properties
4. Assign users/roles accordingly
   • Access to database objects, views and tables

How To Secure Sensitive Data
Capturing Sensitivity Classification with Extended Properties
Demonstration…

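An added T-SQL example of recording a sensitivity class per column with extended properties and then reporting columns that nobody has classified yet. It is not the presenter's demonstration script; the table dbo.Customer and the property name Sensitivity_Class are assumptions made for the example.

```sql
-- Added example; dbo.Customer and the property name Sensitivity_Class are
-- constructed for illustration.
CREATE TABLE dbo.Customer (
    CustomerID int IDENTITY(1,1) PRIMARY KEY,
    FullName   nvarchar(100) NOT NULL,
    BirthDate  date NULL,
    TaxID      varbinary(256) NULL,
    Newsletter bit NOT NULL DEFAULT 0
);
GO
-- Record the class chosen for each column as an extended property
EXEC sys.sp_addextendedproperty
    @name = N'Sensitivity_Class', @value = N'Internal',
    @level0type = N'SCHEMA', @level0name = N'dbo',
    @level1type = N'TABLE',  @level1name = N'Customer',
    @level2type = N'COLUMN', @level2name = N'FullName';
EXEC sys.sp_addextendedproperty
    @name = N'Sensitivity_Class', @value = N'Confidential',
    @level0type = N'SCHEMA', @level0name = N'dbo',
    @level1type = N'TABLE',  @level1name = N'Customer',
    @level2type = N'COLUMN', @level2name = N'BirthDate';
EXEC sys.sp_addextendedproperty
    @name = N'Sensitivity_Class', @value = N'Top Secret',
    @level0type = N'SCHEMA', @level0name = N'dbo',
    @level1type = N'TABLE',  @level1name = N'Customer',
    @level2type = N'COLUMN', @level2name = N'TaxID';
GO
-- Audit report: every column with its class; columns without the property
-- (CustomerID and Newsletter here) are flagged for review
SELECT s.name AS SchemaName,
       t.name AS TableName,
       c.name AS ColumnName,
       COALESCE(CONVERT(nvarchar(128), ep.value), N'** UNCLASSIFIED **')
           AS SensitivityClass
FROM sys.tables AS t
JOIN sys.schemas AS s ON s.schema_id = t.schema_id
JOIN sys.columns AS c ON c.object_id = t.object_id
LEFT JOIN sys.extended_properties AS ep
       ON ep.class = 1                 -- object or column
      AND ep.major_id = c.object_id
      AND ep.minor_id = c.column_id
      AND ep.name = N'Sensitivity_Class'
ORDER BY s.name, t.name, c.column_id;
```
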
How To Secure Sensitive Data
Data Handling Policies
1. Consider what data can be printed
   • Internal documents, bulk mailing, individual mailing
2. Consider what data can be displayed on screen
   • Based upon sensitivity classification
3. Consider what data can be stored externally from db
   • Excel spreadsheets, files on disk/thumb drive
4. Determine display alternatives for sensitive data
   • Partial display, no display, disclosed upon entry of pass code

Sample Nightmare
• 12/31/2008: A State University
  Publishes names and SSN of 18,000 current/former students on the Internet.
• 12/23/2008: A Popular Soda Company
  Missing portable device containing employee names and SSN.
• 12/23/2008: An Internet Telephone Provider
  A vendor stored customer credit card, bank account, names, addresses on Google Notebook.
• 12/16/2008: A Large Investment Brokerage Firm
  Stolen laptop containing SSN, names and addresses of clients.
• 12/15/2008: A State Department of Revenue
  Names, addresses and SSN of individuals exposed in mailing error.
• 12/04/2008: A State University
  A spreadsheet containing names, addresses and SSN of students published on the Internet.
• 12/02/2008: A State Agency of Workforce
  Names and SSN of 250,000 found on the Internet through search engine.
These items were provided through the OSF Data Loss RSS Feed: http://datalossdb.org/latest_incidents.rss

How To Secure Sensitive Data
Data Backup Storage
1. Store backup media in a secure location
   • Offsite storage, room with limited access, fireproof
2. Store encryption key backups separately
   • Not on same media, not in same location
3. Consider utilizing Transparent Data Encryption
   • This feature encrypts the physical data files
4. Store data no longer than required
   • Establish a retention schedule. Destroy items on schedule.

How To Secure Sensitive Data
Encryption
1. Consider utilizing Cell-Level Encryption
   • Provides granular protection of data for each column
2. Consider utilizing Transparent Data Encryption
   • Protects data files, transaction logs and backup files
3. Manage key lifecycles
   • Encryption keys become weak over time.
4. Store key backups separate from db backups
   • The db cannot be decrypted without these keys.

How To Secure Sensitive Data
Using Cell-Level Encryption and Transparent Data Encryption
Demonstration…

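An added T-SQL example of the two encryption options from the slides: one column protected with cell-level encryption, then the whole database protected with TDE, with the certificate backed up before encryption is switched on. It is not the presenter's demonstration script; the database SensitiveDemo, the table, the key and certificate names, the passwords and the C:\KeyBackup path are placeholders assumed for the example.

```sql
-- Added example. SensitiveDemo, dbo.Patient, the key/certificate names, the
-- passwords and the C:\KeyBackup path are constructed placeholders.
CREATE DATABASE SensitiveDemo;
GO
USE SensitiveDemo;
GO
-- Cell-level encryption: master key -> certificate -> symmetric key -> column
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<Placeholder-Passw0rd-1>';
CREATE CERTIFICATE CertPatient WITH SUBJECT = 'Protects KeyPatient';
CREATE SYMMETRIC KEY KeyPatient WITH ALGORITHM = AES_256
    ENCRYPTION BY CERTIFICATE CertPatient;
CREATE TABLE dbo.Patient (
    PatientID int IDENTITY(1,1) PRIMARY KEY,
    Diagnosis varbinary(256) NULL   -- holds ciphertext only
);
GO
OPEN SYMMETRIC KEY KeyPatient DECRYPTION BY CERTIFICATE CertPatient;
INSERT INTO dbo.Patient (Diagnosis)
VALUES (EncryptByKey(Key_GUID('KeyPatient'), N'Constructed sample diagnosis'));
-- Only principals permitted to open the key can read the value back
SELECT PatientID,
       CONVERT(nvarchar(100), DecryptByKey(Diagnosis)) AS Diagnosis
FROM dbo.Patient;
CLOSE SYMMETRIC KEY KeyPatient;
GO
-- Transparent Data Encryption: server certificate in master, then a
-- database encryption key protected by that certificate
USE master;
GO
-- Skip this statement if master already has a database master key
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<Placeholder-Passw0rd-2>';
CREATE CERTIFICATE CertTDE WITH SUBJECT = 'TDE certificate for SensitiveDemo';
-- Back up the certificate and private key before enabling TDE, and store
-- the files separately from the database backups
BACKUP CERTIFICATE CertTDE TO FILE = 'C:\KeyBackup\CertTDE.cer'
    WITH PRIVATE KEY (FILE = 'C:\KeyBackup\CertTDE.pvk',
                      ENCRYPTION BY PASSWORD = '<Placeholder-Passw0rd-3>');
GO
USE SensitiveDemo;
GO
CREATE DATABASE ENCRYPTION KEY WITH ALGORITHM = AES_256
    ENCRYPTION BY SERVER CERTIFICATE CertTDE;
ALTER DATABASE SensitiveDemo SET ENCRYPTION ON;
GO
-- encryption_state: 2 = encryption in progress, 3 = encrypted
SELECT DB_NAME(database_id) AS DatabaseName, encryption_state
FROM sys.dm_database_encryption_keys;
```
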
How To Secure Sensitive Data
Other Methods
1. HashBytes() method
   • Encryption without the messy decryption
2. Masking data
   • Replace part of the data with ‘X’ or other character
3. Coding data
   • Use a number to represent data
4. Don’t store more data than you need
   • Why increase the cost of storing data unnecessarily

How To Secure Sensitive Data
Using Other Data Protection Methods
Demonstration…

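An added T-SQL example of two of the other methods: a pass code stored only as a salted HashBytes() value and checked by re-hashing, and a card number displayed with all but the last four digits masked. It is not the presenter's demonstration script; the table variable, column names and sample values are constructed, and SHA2_256 assumes SQL Server 2012 or later.

```sql
-- Added example; the table variable, column names and values are
-- constructed. SHA2_256 assumes SQL Server 2012 or later.
DECLARE @Account TABLE (
    AccountID    int IDENTITY(1,1) PRIMARY KEY,
    CardNumber   char(19)      NOT NULL,  -- shown to users only in masked form
    PassCodeSalt varbinary(16) NOT NULL,  -- random per row
    PassCodeHash varbinary(32) NOT NULL   -- one-way; cannot be decrypted
);

DECLARE @salt varbinary(16) = CRYPT_GEN_RANDOM(16);

-- Store the salted hash of the pass code, never the pass code itself
INSERT INTO @Account (CardNumber, PassCodeSalt, PassCodeHash)
VALUES ('0000-0000-0000-4242',
        @salt,
        HASHBYTES('SHA2_256',
                  @salt + CONVERT(varbinary(100), N'constructed pass code')));

-- Verification re-hashes what the user entered with the stored salt;
-- the display column replaces all but the last four digits with 'X'
DECLARE @entered nvarchar(50) = N'constructed pass code';

SELECT AccountID,
       'XXXX-XXXX-XXXX-' + RIGHT(CardNumber, 4) AS MaskedCard,
       CASE WHEN PassCodeHash =
                 HASHBYTES('SHA2_256',
                           PassCodeSalt + CONVERT(varbinary(100), @entered))
            THEN 'match' ELSE 'no match'
       END AS PassCodeCheck
FROM @Account;
```

A hash of a short or predictable value (a nine-digit ID, a pet name) can be recovered by hashing every candidate, so the salt slows bulk guessing but does not make such a value safe to publish.
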
In Summary
1. Define Sensitive Data
2. Understand Why Sensitive Data Must Be Protected
3. Classify Data
4. Define Data Handling Policies
5. Include Back Up Strategies in Protecting Sensitive Data
6. Consider Encryption and Other Protection Methods

Additional Resources
Data Loss Resources:
• OSF Data Loss RSS Feed: http://datalossdb.org/latest_incidents.rss
Additional TDE Resources:
• MSDN: Understanding TDE (Article): http://msdn.microsoft.com/en-us/library/bb934049.aspx
• My Blog: Check out my series on TDE: http://www.simple-talk.com/community/blogs/johnm/default.aspx
Additional General Encryption Resources:
• MSDN: SQL Server Encryption: http://msdn.microsoft.com/en-us/library/bb510663.aspx
Have More Questions?
• My E-Mail: firstname.lastname@example.org