Recently a customer asked me for help with setting up a test of an Azure SQL Database in the single database tier with Geo-Replication to work with Transparent Data Encryption (TDE) with a customer-managed key, also known as Bring Your Own Key (BYOK). It is very simple to do it when you use service-managed keys, […]
In Level 1 of this Stairway series, we discussed how to configure TDE in a user database using a Database Master Key (DMK) and a certificate. Level 2 showed the steps to restore the backup of this database on another instance. In this level, we will explain how to configure TDE in SQL Server with […]
Between the legislation over the years (HIPAA, GLBA, GDPR, CCPA, etc.) and data breaches from large organizations that seem to pop-up in the news on a monthly basis, SQL Server database encryption is critical for our industry. SQL Server ships with a few options for a native encryption implementation (Column Level Encryption, Transparent Data Encryption, Data Masking, Always Encrypted), that all provide value in particular situations, but none of the options all seem to address all of the needs. What is the best way to encrypt our SQL Server data?