SQL Server 2008 has the encryption key management feature’s you’re looking for…

SQL Server 2008 Extensible Key Management enables the encryption keys that protect the database files to be stored in an off-box device such as a smartcard, USB device, or EKM/HSM module. This also enables data protection from database administrators (except members of the sysadmin group). Data can be encrypted by using encryption keys that only the database user has access to on the external EKM/HSM module.

Extensible Key Management also provides the following benefits:

* Additional authorization check (enabling separation of duties).
* Higher performance for hardware-based encryption/decryption.
* External encryption key generation.
* External encryption key storage (physical separation of data and keys).
* Encryption key retrieval.
* External encryption key retention (enables encryption key rotation).
* Easier encryption key recovery.
* Manageable encryption key distribution.
* Secure encryption key disposal..

See the full article Understanding Extensible Key Management for details.

There is definitely no shortage of SQL Server information online, but when you’re looking for a specific answer, it helps to know you can trust the information you’re reading. Here’s Paul Randal’s blogroll of SQL Server team members, MVPs and other trustworthy sources you can add to your list of trusted sites to help you get the reliable answers you’re looking for.

Providing customer support for Quest’s products allows me to talk with all sorts of SQL Server professionals. One of the most frequently asked questions I receive pertains to an article just posted on SearchSQLServer. In this article SQL Server experts provide their top 5 guidelines for improving query performance.

For many DBAs and other SQL Server professionals in the marketplace, the advice is no revelation, but implementing it can be. Quest offers some tools that will help any business stop weighing the time needed for performance tuning and investigation with the time dedicated to development and maintenance. When time is of the essence it’s crucial to have the right tools for the job. All of the tips in the article above can be implemented by using Quest’s SQL Server performance monitoring tools:Spotlight Enterprise, Performance Analysis, and Foglight. With intuitive alerts for multiple instances in a single view, visibility over throughput and system health, performance baselines, change tracking, performance advisories and more these tools take the guesswork out of tuning your SQL Servers. Each tool also does its part to educate the DBA on why the problems occurred and how they can be avoided in the future. By integrating with other Quest tools like Benchmark Factory, Toad, and SQL Tuning the entire detection, diagnosis, and resolution process becomes a quick and easy process that any business can implement out of the box.

While I was perusing Kalen Delaney’s Blog the other day I came across a mention of a really cool (yes, that’s my technical classification) tool written by Danny Gould. The SQL Internals Viewer shows a graphical representation of your SQL Server’s internals like how tables are using the space allocated to the database. Give this tool a try, if you’re a nerd-at-heart like me who loves learning more about his (her) SQL Server, this tool will be right up your alley!

From a performance perspective is it better to use SELECT MAX(columnA) FROM table1 or SELECT TOP 1 columnA FROM table1 ORDER BY columnA?

The best way to determine this would be to analyze the execution plan of each statement in Query Analyzer. It is also important to note that the performance of each query will be heavily dependent on the size of table1. What I would do is place both queries in the same query window and run them at the same time, then view the execution plans to see the cost of each and what each query is doing.

The answer will also depend on whether or not there is an index built on columnA.

In a quick example that I ran, the SELECT MAX(columnA) FROM table1 was significantly faster because the system aggregate function (MAX) was substantially better performing than the sort step but I would make sure that you test it on your own end first. If nothing else it will be a good excersize in query tuning and reading execution plans.