Back to Basics for SQL Server

Microsoft bolsters the security of its database.

To help ease database administration and data protection concerns, Microsoft Corp. is locking down security and improving best-practices options in its SQL Server database.

The Redmond, Wash., company announced at its Tech Ed conference in San Diego last week that it will embed native data encryption, as well as password and key management support, in SQL Server 2005, code-named Yukon. The security features will first appear in the second beta of Yukon, due later this year.

Also at the event, Microsoft released the final version of BPA (Best Practices Analyzer) for SQL Server 2000, which scans Windows Server System environments and provides database administration and best-practices recommendations. The scans identify optimal conditions for such features as server configurations and database backups.

BPA also includes SQL Server 2005 Upgrade Advisor, which scans a database for outdated or altered elements that could impede a customers efforts to upgrade to Yukon, which is due in the first half of next year.

Microsoft ups the database ante

Available for SQL Server 2000:

  • Best Practices Analyzer Performs automated scans of the database and identifies optimal conditions for server configurations, backup operations and database disk space capacity

Coming in Yukon:

  • Enhanced security Enables encryption of sensitive data and authenticates users through passwords, X.509 certificates or Windows certificate authority

Through the new security components, SQL Server 2005 users will have the choice of encrypting and decrypting sensitive data and authenticating users through passwords, X.509 certificates or the Windows certificate authority, officials said.

Microsoft recruited third-party SQL Server encryption software vendors Protegrity, of Cary, N.C., and Application Security Inc., of New York, as well as a few undisclosed software partners, to create the Yukon security offering.

The new database encryption measures are aimed at helping customers prepare to comply with regulations such as Californias Database Security Breach Notification Act, the Gramm-Leach-Bliley Act and the Sarbanes-Oxley Act.

"With the California database protection act and other initiatives, your credit card, Social Security number and other information has to be protected almost as intensely as medical information," said Tim Kelly, technology director at Total System Services Inc., a credit card processor in Columbus, Ga. "We have to have that type of native encryption because we need to know if some compromise occurs."

Kelly, a Yukon beta tester, said a key customer service application used by Total Systems, called Prophit, relies heavily on SQL Server 2000. BPA has enabled the companys database administrators to gain quicker insight into manual elements or scripted procedures requiring attention, he said. "If I get kind of stupid someday and forget to link an index somewhere, I can at least have this product to help me keep my own development staff in good order," Kelly said.


Check out eWEEK.coms Database Center at for the latest database news, reviews and analysis.


Be sure to add our database news feed to your RSS newsreader or My Yahoo page