Security in a time of breaches? Microsoft touts beefed-up database encryption
Talk about good timing. A day after news broke that thieves hijacked personal data of some 104,000 taxpayers from the Internal Revenue Service, Microsoft is touting a new encryption technology that it says will make personal data a lot more secure, as long that data resides in a SQL Server 2016 database.
“Always Encrypted” technology will ensure that data is encrypted even while someone is actually working on it, Microsoft said in a blog post. Many systems now encrypt data while it’s sitting in the database or some sort of data store (this is known as encryption at rest) and also when it’s being transmitted around the network (this is encryption in transit.) But when it’s being parsed, analyzed and manipulated? That was a potential attack opportunity.
Per the Microsoft (MSFT) post:
The new security layer addresses that vulnerability by keeping the data encrypted even during transactions and computations, and by only giving the client keys to decrypt it. That means that if anyone else, including a database or system administrator, tries to access that client’s database, the credit card information or other sensitive data would just look like gibberish.
The technology is first surfacing in a just-announced preview version of Microsoft’s upcoming SQL Server 2016 database. Microsoft CEO Satya Nadella spoke to Fortune about SQL Server 2016 earlier this month. The finished product is due out some time presumably between now and the end of next year.