DATAXIVE SECURES SEUPB’S SQL SERVER DATABASE PLATFORM

SEUPB (Special EU Programmes Body) required all data held within their Microsoft SQL Server databases to be encrypted at rest to improve data security.

​

Industry

Government

Location

Belfast, Northern Ireland

Technologies

Microsoft Windows Server, Microsoft SQL Server, Transparent Data Encryption (TDE)

​

Overview

SEUPB as Managing Authority for the European Union’s INTERREG VA and PEACE IV Programmes in Northern Ireland, the Border Region of Ireland and parts of Western Scotland wishes to appoint a specialised IT service provider to improve SEUPB’s Information Security by enabling Database Encryption.

​

The challenge

SEUPB were unfortunate to be the victim of a cyber-incident in July 2020. As a result, identified potential risk areas were listed, and areas where SEUPB can further improve on its IT Security posture helping them prevent future incidents or data breaches. SEUPB engaged with Dataxive to address a requirement to set database encryption on some of their key information assets hosted on-premise on Microsoft SQL Server 2012 Enterprise Edition systems which held both financial and personnel data.

SEUPB’s database platform was hosted on a Microsoft Hyper-V and the Virtual Machines (VMs) were built with Microsoft Windows 2016 standard edition and SQL is version 2012 Enterprise Edition. Moreover, there was no dedicated test environment for these systems and careful planning and getting the implementation right first time was very important.

“Our immediate priorities at SEUPB is to encrypt key information databases hosting financial and personal data. Also, implementation is done seamlessly in the absence of no lower environments to test prepared solution on.”  - Seamus Kearney, ICT Manager, SEUPB

SEUPB’s technical team lacked database expertise, and SEUPB’s ICT Manager Seamus Kearney recognized the need for database partner with proficiency in Microsoft SQL Server with experience in implementing database encryption at rest. Dataxive jumped right in!

​

Dataxive’s expertise in implementing Transparent Data Encryption on Microsoft SQL Server was the perfect fit for SEUPB.

​

The solution

Dataxive began conducting a 360 Assessment starting with Database Inventory, Database Security Assessment and a Database Health Check to identify where to provide strategic guidance on database infrastructure offering better security. We used our specialized toolset and scripts, revealing essential areas within SEUPB's environment for enabling security optimizations.

​

Dataxive enables encryption on Microsoft SQL Server databases platform for SEUPB

Dataxive prepared and proposed a strategy to enable encryption at rest on Microsoft SQL Server using Transparent Data Encryption (TDE) to fortify security, implemented successfully on first attempt, enable relevant monitoring with technical documentation and handover.

​

Security best practices and compliance:  Dataxive highlighted the pre-requisites, prepared them beforehand, documented the process to enable Transparent Data Encryption (TDE) on all relevant databases and coordinated implementation with SEUPB technical team with precautionary Virtual Machine snapshots secured for rollback purposes. We also advised on using latest version of software, regular updates, configuration settings, best practices, and toolsets to improve configuration and stability, helping SEUPB strengthen their security.

24/7 database encryption monitoring:  Dataxive provided database encryption monitoring scripts to extend their current monitoring solution.

Database Maintenance and Availability:  Dataxive advised on implications of enabling Transparent Data Encryption (TDE) on Microsoft SQL Server databases including securing backup of master key and certificates.

Database Documentation & Support:  Dataxive prepared and provided technical documentation for SEUPB to manage and maintain Micorsoft SQL Server Databases with Transparent Data Encryption (TDE) enabled. Dataxive provided aftercare support with SEUPB’s queries following successful implementation.

Business outcomes

The business goal for SEUPB was to improve security of the personal and financial assets following a data breach incident. Our database gurus, whilst working as an extension to SEUPB’s current technical team, diligently developed custom customised plan to enable encryption at rest for Microsoft SQL Server databases on first attempt, enabled relevant monitoring, prepared technical documentation with handover and offered advice allowing SEUPB to elevate security of Microsoft SQL Server databases.