Backing up the Database Encryption Key

Updating a Cryptographic Provider for EKM with Azure Key Vault - Level 5 of the Stairway to TDE

This next level of the Stairway to TDE shows how to upgrade your EKM cryptographic provider.

Encrypting the Database Encryption Key

SQL Server and Oracle Transparent Data Encryption Differences and Similarities

In this article, we look at how to set up Transparent Data Encryption for SQL Server and Oracle along with the differences and similarities.

Regenerating the Master Key

Changing the TDE Encryption

Exporting the Database Encryption Key

Removing TDE from a Database: Level 4 of the Stairway to TDE

Learn how to remove TDE from a database and return it to a normal state.

A One-Slide Summary of the Differences Between TDE and Always Encrypted

Read a One-Slide Summary of the Differences Between TDE and Always Encrypted from Brent Ozar.

TDE BYOK and Geo-Replication in Azure SQL DB

Recently a customer asked me for help with setting up a test of an Azure SQL Database in the single database tier with Geo-Replication to work with Transparent Data Encryption (TDE) with a customer-managed key, also known as Bring Your Own Key (BYOK). It is very simple to do it when you use service-managed keys, […]