[CR #392841] Encryption of data through alter table copies the table to new data pages. The old (cleartext) values remain in the unused pages until those pages are re-used by the server. A similar situation exists with the transaction log. Log records of updates and deletes on tables prior to encrypting the data (through alter table) will also persist until those log pages are re-used.
Workaround: To destroy residual data pages, build a brand new device. Use bcp to copy all the data out from the old device and back in to the new device. The -C option on bcp will leave the data in ciphertext format during the transfer. Destroy the old device. For the case of plaintext values that may remain in the transaction log, normal database activity replaces these pages.
| Copyright © 2005. Sybase Inc. All rights reserved. |
|
|
