Hi
Does anyone have any experience with Transparent Data Encryption (TDE) on a Microsoft SQL Server using Clarion?
A client wants me to enable TDE on the MSSQL Server. I was just wondering how you would implement this and what possible issues I could encounter.
Regards
Nardus
Hi Nardus,
I’m familiar with TDE.
What questions do you have? Your Clarion application is ignorant of whether the database is setup with TDE or not.
I don’t think you want to enable/setup TDE via a Clarion application. You’ll want to script it.
You need to backup your master key, your certificate and private keys, etc. to a secure location.
TDE requires Enterprise Edition or SQL Server 2019 or higher Standard Edition
Hi Rick
Sorry for not being clear enough. What must I do on the Clarion side to access a TDE database?
Do I add an extra driver string? I use the MSSQL driver, not ODBC.
Thanks
You do not need to do anything in your Clarion application.
TDE means the data is in encrypted on disk on the server. It doesn’t have anything to do with the applications using the database or the information in transit between the server and application workstation.
Awesome, thanks. One last question: during the initial encryption of the database, while the server encrypts the data, can you continue accessing the database, or do you have to wait for the encryption to finish before accessing the database?
You can but performance maybe impacted by blocking if the application requests data that is actually being encrypted at that moment, the application will block until the lock is released.