Download eBook (PDF) - Red Gate Software

7 – One-Way EncryptionDrop the Unencrypted ColumnHaving successfully encrypted the contents of our Identification_Valuecolumn, captured it into the Identification_Value_H andIdentification_Value_HT columns, and verified that they are workingcorrectly; we can remove the Identification_Value column thatcontains the plain text values of our sensitive data.This is accomplished through the use of the ALTER TABLE method and theDROP COLUMN argument, as shown in Listing 7-8.USE HomeLending;GOALTER TABLE dbo.Borrower_IdentificationDROP COLUMN Identification_Value;GOListing 7-8: Dropping the plain-text column.Please note that the plain text values contained in this column will bepermanently lost with its removal. This is definitely an action in which we willwant to take pause. Perform the DROP COLUMN command only if you arecertain that you will no longer need to reference its contents. At the beginningof this process we performed a database backup which will provide us a meansof recovery if needed. If the plain text values are archived to another location ittoo will need to be protected.Creating the InterfaceThe sensitive data that is contained within the Borrower_Identificationtable is now protected with one-way encryption. Our next steps are to create theinterface through which our users can access this table.In Chapter 5, as a general policy, we denied direct access to all base tableswithin the HomeLending database using the script shown in Listing 7-9.162