Filesystem security for TDE Keys and Certificates

What is TDE, and why is filesystem security important? Transparent Database Encryption, or TDE, is used to encrypt an entire database. The encryption is “transparent” since once the database is loaded by SQL Server, anyone…

Cannot use Certificate because its Private Key is not Present

Introduction: Transparent Database Encryption, or TDE as it’s colloquially known, is a great solution for data security “at rest”. That is, data is encrypted on-disk, preventing someone with a copy of the database files from…

Fix Orphaned Users, Instance-Wide

The Overview: Orphaned users are database principals that are no longer associated with a server principal, or login. This happens frequently when restoring a database from one server onto another server that doesn’t have the…

Surface Area Configuration Audit

The Surface Area Setup: Microsoft has built an incredible number of excellent features into SQL Server over the years, vastly increasing the surface area of possible vulnerabilities. Some of these features can be both a…