As always, I am on the lookout for good free resources. The good folks at Red-Gate with John Magnabosco have put out a very good book on Protecting SQL Server Data. This free e-book covers the following topics:
- Understanding Sensitive Data
- Data Classification and Roles
- Schema Architecture Strategies
- Encryption Basics for SQL Server
- Cell Level Encryption
- Transparent Data Encryption (TDE)
- One-Way Encryption
- Obfuscation
- Honeycombing a Database
- Layering Solutions
The focus of this book is protecting sensitive data that is "at rest" within your SQL Server database (primarily Microsoft SQL Server 2005 and 2008). Security methods and appliances/devices that protect data externally to the DB, such as firewalls, secured network connections, and secure web design are all very important and recommended, but the main success of your efforts to protect sensitive data will depend upon how well you guard your data in the database.