3

I use SSIS packages to output the data from one system as Comma Separated Values, and then import that same data into a second system. I have a new requirement to encrypt the CSV text files that are generated by the SSIS package, which means I will also need to decrypt those text files when importing into the other system.

This encrypting/decrypting could be done using some sort of batch processing outside of SSIS, but it seems like it would be more natural to do this all within SSIS. What's the best way to do this?

asked Oct 16, 2012 at 18:39
4
  • 1
    Are you referring to simply encrypting the traffic or the data in your source is going to be encrypted? Commented Oct 16, 2012 at 19:56
  • I need to encrypt the text files the SSIS package creates from my database. Then at a later point I'll have to decrypt the text files and import them using another SSIS package. Commented Oct 16, 2012 at 20:14
  • What level of encryption is needed for these files? Commented Oct 16, 2012 at 20:47
  • I don't have a specific requirement for encryption level, but naturally want to make it as secure as possible. Commented Oct 16, 2012 at 20:53

3 Answers 3

3

Encrypting files through SSIS is possible, but there is no real easy native solution available with SSIS. There are a wealth of third party productions out there than can assist with this. Time is money, so it all depends on how much you want to spend on trying to come up with a customized solution or just go buy something that can help you do it quicker.

There is a good write up on this blog post that walks thorugh doing it with some custom .NET code and a ScriptTask. He also list out some of the third party products that offer a solution as well.

answered Oct 16, 2012 at 21:11
1

If you are using SQL Server 2005+ on both ends, you can use Database Encryption.

This article by Pinal Dave gives a good overview.

You will basically have to setup a server master key, a database master key, and a symmetric key on both sides and use those to encrypt / decrypt the data going in and out using the ENCRYPTBYKEY() and DECRYPTBYKEY() functions. The trick is that you want to make sure once your keys are created DMK and SYMKEY that you restore them to your destination so the data can be decrypted.

That's a very high level, but it should get you started in the right direction.

answered Oct 16, 2012 at 19:06
3
  • ENCRYPTBYKEY() and DECRYPTBYKEY() seem to operate on columns individually. This would result in alot of work to encrypt all the columns one by one, which I suppose I could do if necessary. But I'm really looking for a way to encrypt the entire output file, not just a column. Commented Oct 16, 2012 at 20:01
  • Encrypt the entire DB Commented Oct 16, 2012 at 20:15
  • You can use TDE if you are using SQL Enterprise edition which would keep the database encrypted but unfortunately the data coming out would not be encrypted. Commented Oct 17, 2012 at 3:01
0

You may want to look into PGP/GPG. While it is an "outside the DB server" solution, it can be made secure.

answered Jan 29, 2013 at 21:02
0

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.