Encryption and Key Management for Microsoft SQL Server

Key Connection for SQL Server

Encryption & Key Management for Microsoft SQL Server

Managing SQL Server TDE and column-level encryption keys with Alliance Key Manager (hardware security module (HSM), VMware, Cloud HSM, or cloud instance) is the best way to ensure encrypted data remains secure. Key Connection for SQL Server stores encryption keys separately from the database server on a secure key manager to meet PCI-DSS, HIPAA/HITECH, GLBA/FFIEC, and other compliance requirements. 



Cost Effective Encryption Key Management

The Definitive Guide to SQL Server Encryption Key Management In addition to managing TDE and cell level encryption keys, Alliance Key Manager offers an on-board encryption service - the key never leaves the server. Further, Townsend Security enables customers to encrypt SQL Server databases—including Enterprise and Standard releases—as well as Oracle, IBM DB2/400, MySQL, MongoDB, and more. 

Cost should not be a barrier to compliance. Our key management model is built to scale from a single server to a multi-server environment. Any organization can now deploy a cost-effective, comprehensive and certified solution to meet key management compliance requirements.

Meet Compliance Requirements

Meet encryption key management best practices with separation of duties and dual control.  Store encryption keys separately from the encrypted data on your Microsoft SQL Server with a secure and compliant encryption key management solution. Enforce separation of duties and prevent administrators from having access to SQL Server data and the encryption keys to meet compliance standards.

Out of the Box Integration with Microsoft SQL Server

Townsend Security’s encryption key management solution connects effortlessly to the SQL database. It utilizes Microsoft’s (EKM) interface to support both Transparent Data Encryption (TDE) and column-Level encryption on Microsoft SQL Server Enterprise and Standard editions. Our Alliance Key Manager includes an unlimited license to use the Key Connection for SQL Server software. Key Connection for SQL Server is an Extensible Key Management (EKM) Provider that installs in your SQL Server environment to support both Transparent Data Encryption and Cell Level Encryption.

Automate Key Management Processes

Save time while addressing compliance requirements for key management. Automate all of your essential key management tasks including rotation, retrieval, and generation, for one server or many, in a central location.


Deployment & Training Services Are Included
Complexity is usually the largest concern in integrating encryption key management.  Townsend Security has simplified the process. When businesses choose Alliance Key Manager, they not only receive industry leading encryption key management, but free deployment and security hardening services. Townsend Security’s services team will: 

  • Install and initialize Alliance Key Manager (AKM) virtual image
  • TLS certificate management, download and expiration date tracking
  • Redundancy implementation of mirroring
  • Backup configuration support
  • Security log forwarding via Syslog
  • MFA activation
  • Installation and configuration of Admin Console for key lifecycle management
  • Key retrieval configuration including vSphere, SQL TDE, MongoDB TDE, etc... 


Features Benefits
Automatic integration with Microsoft SQL Server Uses Microsoft Extensible Key Management (EKM) interface to support Transparent Data Encryption (TDE)
A secure and separate key manager stores encryption keys Enforce dual control and separation of duties for compliance by storing encrypted data away from the encryption keys
Simplify key management tasks Automate key rotation, retrieval, and generation in a central location

Watch How Easy it is to Set Up TDE and EKM on SQL Server


Certifications and Validations

NIST AES compliance (ECB and CBC modes of encryption)

NIST SHA validation

NIST RNG validation (x9.31)

NIST HMAC validation

NIST FIPS 140-2, level 1



TLS authenticated secure communications

GUI console for key management

Secure web application for server management

Key Sizes

AES 128, 192, 256 bit symmetric keys

RSA 1024,2048, 3072, 4096 bit asymmetric keys

Case Studies

Monitronics Security & Alliance Key Manager for VMware

Understanding the importance of security, Monitronics turned to Townsend Security to protect their customers’ personal data with encryption and key management. 


The Definitive Guide to SQL Server Encryption Key Management

This definitive guide to covers the critical issues involved in getting encryption right with SQL Server.

Solution Briefs

Alliance Key Manager for Windows

The biggest challenge to Windows users deploying encryption is the proper implementation of key management.

Key Connection for SQL Server

Whether encrypting data with Transparent Data Encryption (TDE) or Cell Level Encryption on Microsoft SQL Server, managing the encryption keys with an encryption key manager is the best way to ensure the encrypted data remains secure.


Alliance Key Manager

Alliance Key Manager works with all major business platforms, cloud platforms, and leading encryption applications.

White Papers

Encryption Key Management for Microsoft SQL Server

Organizations continue to experience billions in damaging losses due to data breaches. Protecting your SQL Server database with encryption is easier than ever.