Encrypting the Database Encryption Key

SQL Server and Oracle Transparent Data Encryption Differences and Similarities

In this article, we look at how to set up Transparent Data Encryption for SQL Server and Oracle along with the differences and similarities.

Regenerating the Master Key

Changing the TDE Encryption

Exporting the Database Encryption Key

Removing TDE from a Database: Level 4 of the Stairway to TDE

Learn how to remove TDE from a database and return it to a normal state.

A One-Slide Summary of the Differences Between TDE and Always Encrypted

Read a One-Slide Summary of the Differences Between TDE and Always Encrypted from Brent Ozar.

TDE BYOK and Geo-Replication in Azure SQL DB

Recently a customer asked me for help with setting up a test of an Azure SQL Database in the single database tier with Geo-Replication to work with Transparent Data Encryption (TDE) with a customer-managed key, also known as Bring Your Own Key (BYOK). It is very simple to do it when you use service-managed keys, […]

Configure Extensible Key Management Using Azure Key Vault - Level 3 of the Stairway to TDE

In this third level of the Stairway, we examine how to store your encryption certificate in the Azure Key Vault.

Restore a Backup of a TDE Database to Another Server: Level 2 of the Stairway to TDE

In the second level of the stairway to TDE, we examine how you can restore your databases on another instance after moving the encryption certificate.