This slide deck is from the presentation given at the SQL Saturday event in Tampa, January 2009.

1. John Magnabosco
Database Consultant/Solution Architect – SolutionAvenue
President/Co-Founder - Indianapolis Professional Association for SQL Server
Coordinator/Co-Founder – IndyTechFest
Visit my blog at:
www.Simple-Talk.com
Download sample scripts and these slides at:
www.johnmagnabosco.com

2. Today’s Presentation
1. Get To Know Your Challenges with Sensitive Data
2. What Is Sensitive Data?
3. Why Protect Sensitive Data?
4. How To Secure Sensitive Data
With Code Demonstrations!

3. What is Sensitive Data?
Government Assigned ID Data
Biometric Data
Medical Data and History
Health Insurance Portability and Accountability Act (HIPAA)
Student Education Data
Federal Educational Rights and Privacy Act (FERPA)

4. What is Sensitive Data?
Employment Data
Communication Data
Electronic Communications Privacy Act (ECPA)
Financial Data
Right to Financial Privacy Act (RFPA)
Intellectual Property Data

5. Why Protect Sensitive Data?
Guard Against Identity Theft and Fraud
Ensure Privacy
Comply with Regulatory Requirements
Secure Competitive Advantage

6. Group Dynamics
Birth Date + Birth Location + Name = Certified Copy of Birth Cert.
Ancestor Name + Credit Card No. = Access To Credit Card Account
Vacation Plans + Address = Stolen Personal Property from Home
Pet Name + User Name = Password for E-Mail Account

7. How To Secure Sensitive Data
Data Classification
1. Identify classes of sensitivity
• Public, Internal, Confidential, Top Secret
2. Define security policies according to these classes*
• This will likely be defined by CIO or ISO rather than DBA
3. Assign a classification to each column in the tables
• Document with Extended Properties
4. Assign users/roles accordingly
• Access to database objects, views and tables

8. How To Secure Sensitive Data
Capturing Sensitivity Classification with Extended Properties
Demonstration…

9. How To Secure Sensitive Data
Data Handling Policies
1. Consider what data can be printed
• Internal documents, bulk mailing, individual mailing
2. Consider what data can be displayed on screen
• Based upon sensitivity classification
3. Consider what data can be stored externally from db
• Excel spreadsheets, files on disk/thumb drive
4. Determine display alternatives for sensitive data
• Partial display, no display, disclosed upon entry of pass code

10. Sample Nightmare
• 12/31/2008: A State University
Publishes names and SSN of 18,000 current/former students on the Internet.
•12/23/2008: A Popular Soda Company
Missing portable device containing employee names and SSN.
• 12/23/2008: An Internet Telephone Provider
A vendor stored customer credit card, bank account, names, addresses on Google Notebook.
• 12/16/2008: A Large Investment Brokerage Firm
Stolen laptop containing SSN, names and addresses of clients.
• 12/15/2008: A State Department of Revenue
Names, addresses and SSN of individuals exposed in mailing error.
• 12/04/2008: A State University
A spreadsheet containing names, addresses and SSN of students published on the Internet.
• 12/02/2008: A State Agency of Workforce
Names and SSN of 250,000 found on the Internet through search engine.
These items were provided through the OSF Data Loss RSS Feed: http://datalossdb.org/latest_incidents.rss

11. How To Secure Sensitive Data
Data Backup Storage
1. Store backup media in a secure location
• Offsite storage, room with limited access, fireproof
2. Store encryption key backups separately
• Not on same media, not in same location
3. Consider utilizing Transparent Data Encryption
• This feature encrypts the physical data files
4. Store data no longer than required
• Establish a retention schedule. Destroy items on schedule.

13. How To Secure Sensitive Data
Encryption
1. Consider utilizing Cell-Level Encryption
• Provides granular protection of data for each column
2. Consider utilizing Transparent Data Encryption
• Protects data files, transaction logs and backup files
3. Manage key lifecycles
• Encryption keys become weak over time.
4. Store key backups separate from db backups
• The db cannot be decrypted without these keys.

14. How To Secure Sensitive Data
Using Cell-Level Encryption and Transparent Data Encryption
Demonstration…

15. How To Secure Sensitive Data
Other Methods
1. HashBytes() method
• Encryption without the messy decryption
2. Masking data
• Replace part of the data with ‘X’ or other character
3. Coding data
• Use a number to represent data
4. Don’t store more data than you need
• Why increase the cost of storing data unnecessarily

16. How To Secure Sensitive Data
Using Other Data Protection Methods
Demonstration…

17. In Summary
1. Define Sensitive Data
2. Understand Why Sensitive Data Must Be Protected
3. Classify Data
4. Define Data Handling Policies
5. Include Back Up Strategies in Protecting Sensitive Data
6. Consider Encryption and Other Protection Methods

18. Questions…
…and in some cases, answers.

19. Additional Resources
Data Loss Resources:
OSF Data Loss RSS Feed
http://datalossdb.org/latest_incidents.rss
Additional TDE Resources:
MSDN: Understanding TDE (Article)
http://msdn.microsoft.com/en-us/library/bb934049.aspx
My Blog: Check out my series on TDE
http://www.simple-talk.com/community/blogs/johnm/default.aspx
Additional General Encryption Resources:
MSDN: SQL Server Encryption
http://msdn.microsoft.com/en-us/library/bb510663.aspx
Have More Questions?
My E-Mail: john_magnabosco@live.com