Databases Reference
In-Depth Information
Figure 12-9
PC
Browser
W
Ser
PC
Browser
PC
Browser
Firewall
Da
Se
PC
Browser
“The Internet”
PC
Browser
PC
Browser
Database
PC
Browser
Using a firewall.
Ensuring the protection and privacy of data requires a multifaceted approach.
Firewalls are part of the answer, but just part. Not only do you need to limit
traffic into and out of the database, you have to limit what users can do while
they are there. That means limiting database users to only those persons and
applications that need access, as well as setting access permissions to no more
than what is necessary. Another tool available to you with some DBMSs, includ-
ing SQL Server 2005, is data encryption. Not only can you encrypt the data
coming into and going out of the server, you can also encrypt data on the hard
disk. Because of the resource overhead required by data encryption, it should be
limited to sensitive or personal data. SQL Server makes it easy for you to choose
what you encrypt, though, because it supports encryption at the table level and
at the individual data column level.
