Apply Always Encrypted to existing column, keys already generated.

  • Hello,

    I hope someone can help. I have a column I need to encrypt with Always Encrypted. The keys are already created, but I can't find the syntax (or know which syntax to use) to apply it to the column. Does anyone know? Thank you.

    Regards,
    D.

  • It sounds like you might not be able to actually update an existing column to add encryption. https://blogs.msdn.microsoft.com/sqlsecurity/2015/07/28/encrypting-existing-data-with-always-encrypted/

    The first paragraph seems to have some pertinent information on it:
    "...Always Encrypted is a client-side encryption technology – sensitive data is transparently encrypted and decrypted within a client application by a client driver. SQL Server does not have access to plaintext encryption keys and cannot encrypt or decrypt encrypted data. An important implication of the above is that encrypting existing data requires downloading the data to a trusted client machine, encrypting it and uploading it back to the database."

    That article also gives some methods you can use to copy the data over if you'd like. If you already have a client application that can access the keys and it needs to be 'always on' then you might need to do some work with that application to make sure you stay online. You could write to both tables after you create them. Then write your data migration from the old table to the new table. Once the migration is complete, then you should be able to read and write from the new table. I admit I've not used Always Encrypted before, but based on what I've read there this seems like it should work.

    Hope that helps.
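
The new-table approach described in the reply, sketched in T-SQL as an added example that is not part of either post or of the linked article. The names `dbo.Customers`, `dbo.Customers_Encrypted`, `CustomerId`, `SSN` and `CEK_Auto1` are assumed placeholders; substitute your own table, column and existing column encryption key.

```sql
-- Added example. All object names below are assumed placeholders.

-- 1. Confirm the column encryption key (CEK) already exists in this database.
SELECT name, column_encryption_key_id
FROM sys.column_encryption_keys;

-- 2. Create the new table with the column declared as encrypted.
--    Deterministic encryption on a character column requires a BIN2 collation;
--    use ENCRYPTION_TYPE = RANDOMIZED if the column is never searched or joined on.
CREATE TABLE dbo.Customers_Encrypted
(
    CustomerId INT NOT NULL PRIMARY KEY,
    SSN CHAR(11) COLLATE Latin1_General_BIN2
        ENCRYPTED WITH (
            COLUMN_ENCRYPTION_KEY = CEK_Auto1,
            ENCRYPTION_TYPE = DETERMINISTIC,
            ALGORITHM = 'AEAD_AES_256_CBC_HMAC_SHA_256'
        ) NOT NULL
);

-- 3. Copy the rows from a trusted client that can reach the column master key,
--    connecting with "Column Encryption Setting=Enabled" and inserting through
--    parameterized statements or a bulk copy. A server-side
--    INSERT ... SELECT from the plaintext column fails, because SQL Server
--    cannot encrypt the values itself.

-- 4. Verify the encryption metadata on the new column.
SELECT c.name                      AS column_name,
       c.encryption_type_desc,
       c.encryption_algorithm_name,
       k.name                      AS column_encryption_key
FROM sys.columns AS c
JOIN sys.column_encryption_keys AS k
  ON k.column_encryption_key_id = c.column_encryption_key_id
WHERE c.object_id = OBJECT_ID(N'dbo.Customers_Encrypted');

-- 5. Compare row counts before retiring the plaintext table.
SELECT (SELECT COUNT(*) FROM dbo.Customers)           AS plaintext_rows,
       (SELECT COUNT(*) FROM dbo.Customers_Encrypted) AS encrypted_rows;

-- 6. Swap the tables once the counts match and the application reads the new one.
EXEC sp_rename N'dbo.Customers', N'Customers_Plaintext';
EXEC sp_rename N'dbo.Customers_Encrypted', N'Customers';
```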
