keeping all the data in another table, and encrypting it. I want to
get rid of the original unencrypted data and be sure that it is no
longer anywhere on disk. Should I drop the table, or first delete the
rows and then do a dump tran? I'm not sure how to know if the data is
actually physically deleted from disk, or if it's still there, but
just in blocks that get marked as available. Any guidance would be
greatly appreciated.
Thanks,
Brucesandell@.pacbell.net (Bruce) wrote in message news:<595024a5.0405061512.13a1c5f1@.posting.google.com>...
> I have a table with some sensitive customer data in it. I am now
> keeping all the data in another table, and encrypting it. I want to
> get rid of the original unencrypted data and be sure that it is no
> longer anywhere on disk. Should I drop the table, or first delete the
> rows and then do a dump tran? I'm not sure how to know if the data is
> actually physically deleted from disk, or if it's still there, but
> just in blocks that get marked as available. Any guidance would be
> greatly appreciated.
> Thanks,
> Bruce
It depends how serious you are about getting rid of the unencrypted
data. You could add a new physical disk to the server, create a new
empty database on it, copy over all the data except the unencrypted
data, then remove the existing disk and format it and/or overwrite the
sectors with a suitable low-level disk tool.
If that is overkill for your needs, you could UPDATE all the
unencrypted data to something meaningless and then checkpoint the
database, which should overwrite the current pages on disk. You could
then DELETE the rows, and delete any transaction log backup files
(assuming you don't need them for recovery).
Don't forget that the unencrypted data may still exist in database
backups, so you would need to address that issue also.
Simon
No comments:
Post a Comment