INTRODUCTION As you move through this book you may notice that this book doesn't gently flow from one topic to another like a lot of technical books. This is intentional as many of the subjects covered in this book are going to be related, but separate fields of study. As you move through the various chapters in this book you'll be able to secure a portion of your infrastructure. If you think about each chapter of the book as an independent project that you can take to your management the way that the book is structured may make a little more sense. My goal for this book, is that after reading it you'll have the most secure database that you can have within your environment. Our book starts from the outside looking in, with the most outside thing that can be controlled being your network design and firewalls. In larger shops this will be outside the realm of the database professional, but in smaller shops there may be a single person who is the developer, DBA, systems administrator. There are a lot of database encryption options available to the DBA. Usually many, many more than most people realize. As we move through this chapter we'll start by looking at how to encrypt the data within the database itself, then move to having the SQL Server automat- ically encrypt all the data, having the MPIO driver encrypt all the data, and having the HBA encrypt all the data. Not only will we look at how to do each one, but what the upsides and the downsides of each of these techniques are. One of the most common problems at smaller database shops are password policies, and using week passwords in production. In Chapter 3 we'll go over using some ways to ensure you are using a strong password, and some best practices to give yourself some extra layers of