Townsend Security Data Privacy Blog

Microsoft WPC 2011: SQL Server Encryption and the Cloud

Posted by Patrick Townsend on Jul 14, 2011 8:00:00 AM

microsoft wpcMicrosoft’s Worldwide Partner Conference just wrapped up and it was truly an International conference. There were partners from every corner of the world. Microsoft has invested a lot in this conference and they are doing a great job of helping companies meet new partners through the on-line WPC Connections web site.

It is clear to me that Microsoft is converging a wide range of products onto the SQL Server platform for data management. The many business applications under the Microsoft Dynamics label including Dynamics NAV (the ERP system), Dynamics CRM (customer relationship management), and Dynamics AX (global ERP management) are all based on the latest version of SQL Server.  The very popular SharePoint collaboration tool now fully supports and exposes SQL Server Enterprise edition. All of the Business Intelligence solutions have been based on SQL Server for some time. And this pattern repeats through other products.

Why is this important? In SQL Server 2008 Microsoft introduced a new database security architecture with Extensible Key Management (EKM). EKM enables database encryption and the use of Hardware Security Modules (HSM) to store and manage encryption keys. Encryption and good key management are crucial to regulatory compliance, and the EKM architecture makes this all possible. The EKM architecture extends forward to the new version of SQL Server code named Denali.

You will be hearing more from Townsend Security about Microsoft SQL Server encryption key management next month.

The Cloud is the other big topic at this conference. Microsoft is moving almost everything to the Cloud at full speed. Microsoft Dynamics, SharePoint, SQL Server, and many other products are getting Cloud-based versions. Microsoft may be a bit late to the game on the Cloud, but they are “all in” now. And they’ve made a lot of room for partners to play in this arena, too. There are a really large number of new and existing Cloud providers at WPC.

Of course, the biggest concern on the part of end customers is the security of the Cloud. After many discussions with Microsoft partners, I know that they have heard this concern. But there is still quite a bit of confusion and ignorance about how to mitigate risk in Cloud environments. I can see we have our work cut out for us in helping to educate the Microsoft partner community about how they can use our solutions to encrypt and protect customer data. It won’t be as hard, painful, and expensive as they think.

Be sure to follow us on Facebook, Twitter, and LinkedIn to hear more about what we are doing with Key Management for SQL Server 2008 and  stay up to date on the latest trends in data protection.

Patrick

 

facebook  twitter  linkedin

Topics: Microsoft, SQL Server, Worldwide Partner Conference