Understanding the Problem
By default, SharePoint data is secured by access control lists (ACLs), but the data in the database itself is not encrypted in any form. If a rogue agent were to gain access to either the SQL server or the SQL database backups, they would be able to overwrite SharePoint security ACLs and gain access to the data in the database quite easily.
For security and for compliance reasons, it may become necessary to enforce data encryption of the SQL databases. Within SQL Server 2008 and SQL Server 2008 R2 Enterprise edition, Microsoft includes a new feature known as Transparent Data Encryption (TDE) that allows for this type of functionality.
Get Microsoft SharePoint 2010 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
