Академический Документы
Профессиональный Документы
Культура Документы
Throughoutthecoursewehavediscussedmethodstosecurethedatabase.The
databaseadministratorneedstoensurethedataissecureinallforms.Thereisthe
needforthedatabasetobebackedupinordertohavemediaforrestoringthe
databaseaspartofdisasterrecovery.
TheauthordiscussedthehistoryofMicrosoftSQLserverwiththeuseof
compressionandTransparentEncryption(TDE).Anotherissuewastheuseof
olderversionsofSQLserverandtheuseofthirdpartysolutions.
Encryption
Encryptionofthebackupsisanimportantsecuritymethod.Wehavediscussed
TransparentDataEncryption.TDEisconfiguredbycreatingadatabasemasterkey
inthemasterdatabase.Aftercreatingthedatabasemasterkey,aCertificateis
createdinthemasterdatabase.Thenadatabaseencryptionkeyiscreatedintheuser
database,andthisdatabaseencryptionkeyissecuredusingthecertificatethatwas
createdwithinthemasterdatabase.Afterthedatabaseencryptionkeyhasbeen
created,theENCRYPTIONoptionontheuserdatabasecanbeenabledtellingthe
TransparentDataEncryptionenginetobeginthebackgroundencryptingofdata.An
importantconsiderationisthesecuringthecertificateorasymmetrickeycreatedto
usetoencryptthebackups.
TheauthorhasdiscussedthebackupswiththeuseofMicrosoftAzureSQL
DatabasesaresupportedfortheBasic,StandardandPremiumdatabases.Foreach
ofthesedatabasessizesbackupretentionisdifferentwiththebasicsizedatabase
supporting7daysofretention,thestandardsizedatabasesupporting14daysof
retentionandthepremiumsizedatabasesupporting35daysofbackupretention.
Anotherconsiderationisusingtheoptionofspecifyingabackupsetpasswordas
wellasamediasetpassword.Thebackupsetpasswordisdesignedtoprevent
accidentalrestoreofthedatabase,whilethemediasetpasswordisdesignedto
preventthemediafrombeingaccidentallyoverwritten.