Storing the encryption/decryption key for SQL Server in a safe location

Tags:
Encryption keys
SQL Server
I've got a DB in which i need to store the encrypted values for a column. I use the SQL Server encryption format for encryption. The format is as follows:
CREATE MASTER KEY ENCRYPTION BY PASSWORD 'dsagfdsagv418515adsf'
CREATE CERTIFICATE 'CERTIFICATE_NAME'
CREATE SYMMETRIC KEY 'KEY_NAME'
    WITH ALGORITHM = AES_256
    ENCRYPTION BY CERTIFICATE 'CERTIFICATE_NAME';
Now I am able to encrypt and decrypt the column, using EncryptByKey and DecryptByKey functions resp. Now I see a security threat here in a way, that the SYMMETRIC KEY is visible to DBA and other DB Users. They can always decrypt that column using the key anytime they want. This is not feasable in my application. Can someone please suggest what can be done to safeguard this key?


Software/Hardware used:
SQL Server 2012
0

Answer Wiki

Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following

Share this item with your network: