Does ITMS support Database Encryption?
search cancel

Does ITMS support Database Encryption?

book

Article ID: 278689

calendar_today

Updated On:

Products

Client Management Suite IT Management Suite

Issue/Introduction

Our IT department wants to install Data At Rest Encryption (DARE) and we want to know if this is supported by the ITMS application or not.

Resolution

Data At Rest Encryption is software that is typically installed on a SQL Server.  Broadcom does not own or support the SQL Server instance outside of making it work with our product.  Microsoft is paid for SQL Server support, licensing, etc. and not Broadcom. 

As Broadcom does not own support of our customer's SQL Server Database, it's not our place to tell customer's what to do with their SQL Server.  If they want to install DARE on their SQL box, or any other applications they are welcome to do that.  Additionally Broadcom does not test with DARE installed, and so we cannot give any indications of how this may affect your ITMS environment. 

We can point out however that Microsoft has a similar solution to DARE called Transparent Data Encryption (TDE) which is installed to encrypt SQL Server Database files at rest. For Reference: https://learn.microsoft.com/en-us/dynamics365/business-central/dev-itpro/security/transparent-data-encryption

This Microsoft article states that there is a Performance Impact by implementing TDE:

Performance impact

TDE has an estimated performance impact around 3-5% and can be much lower if most of the data accessed is stored in memory. The impact will mainly be on the CPU, I/O will have a smaller impact. See the SQL documentation on this topic for more details.

Broadcom is not aware of the Performance Impact of any other DARE solution, and so this would be a great question for your vendor. 

Broadcom would suggest to customers that would like to use DARE or TDE to validate that they have the Hardware Performance needed to run such an application, and be prepared for any effects on the following areas of their ITMS environment as the following areas are highly driven by SQL Performance:

  • SMP Console Performance
  • Hierarchy replication cycles
  • IT Analytics reporting and especially cube processing
  • Any big SQL Reports run by the customer
  • Increased time to process the Delta Resource Membership Update (DRMU)
  • Configuration Update times may need to be increased due to longer DRMU cycle
  • Longer times to process NSE files (Basic Inventory and other Inventory files sent to the SMP)