
The Database Master Key should be encrypted by the Service Master Key where required.


Overview

Finding ID: V-15161
Version: DM6179-SQLServer9
Rule ID: SV-23861r1_rule
IA Controls: IAKM-1, IAKM-2, IAKM-3
Severity: Medium
Description
Protection of the Database Master Key is necessary to protect the confidentiality of sensitive data. When the Database Master Key is encrypted by the Service Master Key, SYSADMINs can open and use the key to view sensitive data that they are not authorized to view. Where alternate encryption means are not feasible, encryption by the Service Master Key may be necessary. In that case, mitigations may be in order to help protect sensitive data from unauthorized access by DBAs. Mitigations may include automatic alerts or other audit events when the Database Master Key is accessed outside of the application or by a DBA account.
STIG: Microsoft SQL Server 2005 Database Security Technical Implementation Guide
Date: 2015-04-03

Details

Check Text: None
Fix Text (F-14856r1_fix)
Where possible, encrypt the Database Master Key with a password known only to the application administrator.

Where not possible, configure additional audit events or alerts to detect unauthorized access to the database master key by users not authorized to view sensitive data.
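The following T-SQL is an added example and is not part of the STIG text: it shows how to find databases whose Database Master Key is still encrypted by the Service Master Key, how to carry out the preferred fix (password-only protection), and how to implement the fallback (an audit trigger) where the Service Master Key encryption has to stay. The database name AppDB, the table dbo.MasterKeyAudit, the trigger name trg_AuditMasterKey and the password placeholders are assumptions for the example.

```sql
-- Added example (not part of the STIG): check and fix for V-15161.
-- Assumptions: application database is AppDB; passwords are placeholders.

-- 1. Check: databases whose Database Master Key is encrypted by the
--    Service Master Key (flag = 1 is the condition this rule is about).
SELECT name, is_master_key_encrypted_by_server
FROM   sys.databases
WHERE  is_master_key_encrypted_by_server = 1;

-- 2. Preferred fix: leave the password, known only to the application
--    administrator, as the key's only protection.
USE AppDB;
GO
-- The key must be open before its protection can be changed. CREATE MASTER KEY
-- always requires a password, so that password remains valid afterwards.
OPEN MASTER KEY DECRYPTION BY PASSWORD = '<password known only to app admin>';
ALTER MASTER KEY DROP ENCRYPTION BY SERVICE MASTER KEY;
CLOSE MASTER KEY;
GO
-- Caveat: from now on SQL Server no longer opens the key automatically, so
-- every session that uses keys or certificates protected by it must run
-- OPEN MASTER KEY DECRYPTION BY PASSWORD = '...' first. Verify the flag is 0:
SELECT name, is_master_key_encrypted_by_server
FROM   sys.databases
WHERE  name = 'AppDB';

-- 3. Fallback (Service Master Key encryption must stay): record and surface
--    every change to the key's protection so it can be alerted on.
--    This trigger fires on CREATE/ALTER/DROP MASTER KEY only; it does not
--    fire when the key is merely opened and used, so that case needs an
--    audit or trace mechanism of its own (not shown here).
CREATE TABLE dbo.MasterKeyAudit (
    EventTime DATETIME NOT NULL DEFAULT GETDATE(),
    LoginName SYSNAME  NOT NULL,
    EventData XML      NOT NULL
);
GO
CREATE TRIGGER trg_AuditMasterKey
ON DATABASE
FOR CREATE_MASTER_KEY, ALTER_MASTER_KEY, DROP_MASTER_KEY
AS
BEGIN
    DECLARE @login SYSNAME;
    SET @login = ORIGINAL_LOGIN();   -- the real login, even after impersonation

    INSERT INTO dbo.MasterKeyAudit (LoginName, EventData)
    VALUES (@login, EVENTDATA());

    -- WITH LOG writes to the SQL Server error log and the Windows application
    -- log, where an alert can pick it up. Severity 10 is informational and
    -- does not roll back the change.
    RAISERROR ('Database Master Key protection changed by %s', 10, 1, @login) WITH LOG;
END;
GO
```

Run the check in step 1 against every instance; a row with the flag set is a finding under this rule. If the Service Master Key encryption is removed (step 2), test the application's key-handling paths first, because any code that relied on the key opening automatically will fail until it supplies the password. The trigger in step 3 only covers changes to the key's protection; pair it with a SQL Agent alert on the logged message so a DBA altering the key is noticed promptly.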