Overview   Technical   FAQ   APIs

Encryptionizer encryption software delivers server-side data encryption for Microsoft SQL Server databases and columns. It provides an additional layer of security on top of Windows security and SQL Server security, in case perimeter defenses are breached. It can secure data on servers as well as on backup media. Combined with Encryptionizer for MSDE, Encryptionizer can secure distributed databases all the way down to the workstation or laptop. It supports SQL Server 2005, SQL Server 2000, and SQL Server 7 Enterprise and Standard Editions. (PDF data sheet)

Encryptionizer delivers two types of security for SQL Server: automatic whole database encryption, and column-level encryption. These two types of encryption are available separately or can be seamlessly combined to provide the benefits of both.

Automatic Whole Database Encryption 

Whole database encryption has one simple purpose: to make databases and backups unusable if they are stolen, copied, downloaded, lost, or otherwise compromised. It provides completely transparent, on-the-fly encryption for an entire database using industry-standard algorithms such as AES, DES, Triple DES (3DES), and Blowfish.  Data is never decrypted on disk, only in memory as requested by SQL Server. In addition, data is automatically encrypted when written back to disk. And all of this happens without requiring changes to existing applications that connect to SQL Server. Whole Database encryption is a two-step process:

• Encrypt the desired database(s).
• Secure SQL Server with Encryptionizer.

Once that is done, no one will be able to use that encrypted data base anywhere else!  If you have  encrypted backups, no one will be able to restore the encrypted backups anywhere else.

Encryptionizer for Whole Database Encryption is extremely easy to use, is almost maintenance-free, requires no user intervention, and can usually be deployed in a couple of hours, using the included utilities. There are programming APIs available for encrypting/decrypting data-bases and non-database files. These are useful if you are planning to distribute encrypted databases, files, or other digital content to workstations, laptops, or other servers (e.g., connected by LAN, over the internet, or via CD).

View a demonstration of NetLib Encryptionizer Whole Database Encryption, where we secure the Northwind Database.

Column Level Encryption

Column encryption can be deployed in combination with (or depending on your requirements, instead of) whole database encryption. Encryptionizer for Column Encryption protects specific columns from users/groups who normally need access to the underlying table. And it can be used to protect data even from the SQL system administrator. Encryptionizer Column Encryption supports repeating values protection (RVP) and has the ability to mask the occurrence of frequently repeating values such as salaries, PIN’s, and test scores.

Column Encryption can be implemented one of two ways, or a combination of both:

Col-E Manager - The Encryptionizer Column Encryption Manager (Col-E) utilizes a point-and-click interface that allows you to quickly set up column encryption that in most cases can be transparent to existing applications. The Col-E Manager allows you to encrypt a column and specify the groups of users that are allowed to view the encrypted data through the use of database roles.

Column Encryption APIs - Also available are column encryption APIs that allow you to incorporate encryption functions into your applications directly. Column encryption APIs are extremely easy to use in SQL 2000 and SQL 2005. They can be used anywhere built in SQL functions can be used, including views, triggers, procedures, user-defined functions, jobs, and in-line SQL commands (In SQL 7, APIs can be used in triggers, procedures and jobs, but not in views or in-line SQL commands.)

View a demonstration of Encryptionizer Column Encryption using the Col-E Manager.

Overview   Technical   FAQ   APIs