17 Safeguarding Confidential Data in SharePoint 2010 403
Understanding the Threats to SharePoint Data . .......................................................... 404
SQL Server Database Mirroring for SharePoint Farms ............................................. 404
Understanding Operating Modes............................................................................... 405
Understanding Transaction Safety Levels . .......................................................... 406
Examining Supported Topologies . .......................................................................................... 406
Single Data Center High-Availability Model .................................................... 407
Cross-Site High-Availability Model. .......................................................................... 408
Multiple-Farm Cross-Site Model ................................................................................. 409
Outlining Database Mirroring Requirements . ............................................................... 410
Examining Supported SQL Server Editions . ...................................................... 410
Considering Security Requirements. ........................................................................ 411
Examining Supported Databases................................................................................. 411
Considering Performance and Scalability . .......................................................... 411
Enabling SQL Database Mirroring. .......................................................................................... 412
Exploring the High-Level Steps Involved with
Setting Up a Database Mirror . ................................................................................... 412
Backing Up the Databases to Be Mirrored. .......................................................... 412
Restoring the Databases onto the Mirror Server............................................. 414
Configuring Security and Enabling Mirroring . ............................................... 415
Using SQL Transparent Data Encryption (TDE) . .......................................................... 416
Understanding the Problem. .......................................................................................... 416
Encryption Solutions............................................................................................................ 417
Understanding How TDE Works................................................................................. 418
Understanding the TDE Key Hierarchy . ............................................................... 418
Understanding TDE Requirements and Limitations . ................................. 418
Enabling TDE for SharePoint Content Databases. ...................................................... 419
Creating the Database Master Key (DMK) . ........................................................ 420
Creating the TDE Certificate .......................................................................................... 420
Back Up the TDE Cert . ....................................................................................................... 421
Creating the DEK..................................................................................................................... 421
Encrypt the DB . ....................................................................................................................... 422
Monitoring Progress. ............................................................................................................ 422
Restoring the TDE Encrypted DB to Another Server .................................. 423
Using Active Directory Rights Management Services
(AD RMS) for SharePoint Document Libraries. .......................................................... 424
Understanding Prerequisites and Limitations of AD RMS. .................... 424
Installing AD RMS . ................................................................................................................ 425
Modifying the RMS Certification Pipeline . ........................................................ 428
Enabling IRM Support in SharePoint Central Admin. ............................... 429
Enabling IRM Support on an Individual Document Library................ 430
Microsoft SharePoint 2010 Unleashed
xviii