Microsoft Plans Security Perks for SQL Server 2005
Microsoft is peeling away the layers of SQL Server 2005, unveiling new native security encryption and decryption support, as well as government security certification.
Operating under the ''Do More with Less'' mantra at its TechEd 2004 conference in San Diego, Calif., Microsoft is touting more capabilities, reliability and security at less cost and complexity for the duration of the show.
Along those lines, Tom Rizzo, director of product management for SQL Server, said the company is writing complex encryption and decryption functionality directly into the product so customers don't have to procure security features from a third party, or roll their own when the product becomes generally available next year.
The idea is to make the already successful product more attractive to customers, not only by making it more secure, but by saving users any time or labor associated with building complicated security software.
''Data encryption and decryption and key management is not for the faint of heart. This is the harder part of encryption and decryption that our competitors do not do,'' Rizzo said. ''So imagine the scenario where you want to have your data encrypted so that just in case someone breaks in, they can't pull the data out.''
Rizzo said one of the catalysts for Microsoft adding the features to the forthcoming SQL Server 2005 is the increase of data privacy laws in the U.S. States such as California are calling for sensitive data to be protected like never before, which led the SQL Server team to turn to encryption/decryption features.
More broadly, Microsoft has taken its lumps from skeptics critical about its ability to secure products. Success in this area for its keystone database software could bolster the company's tarnished reputation for offering safe products.
Along those lines, Rizzo said Microsoft will put SQL Server 2005 through the government's Common Criteria certification, a stringent procedure for securing computer software developed by the National Security Administration.
Common Criteria, which covers auditing, security and Social Security documentation, is an important certification because enterprises want to be able to do business with government agencies, which won't reciprocate unless certain standards of quality are met.
With the final release delayed along with Whidbey until early 2005, the second beta of SQL Server 2005 is due this summer, with a third beta following by the end of the year.
The third beta is expected to have advanced Data Transformation Services or extraction, transform and load integration features, that outdo anything ETL (define) vendors are currently providing.