Using TDE Best Practice

  • I am trying to understand when best to enable TDE. Our Asst. Director has been pushing to encrypt everything when we can due to more and more cyber crime. We have implemented encrypted backups on all SQL instances, and all our SQL connections are encrypted.

    As far as TDE, should we enable it on all application databases even if they do not have sensitive or personal data? It seems they ("Admin") want as much encrypted as we can. Much of our data is public information, and I'm not sure if the extra administration overhead is worth it, or should we just do what makes them happy?

    We have 26 SQL instances and 385 databases that we maintain.



  • TDE seems to be a tick box to lower insurance premiums, meet regulatory compliance, etc. Personally I would concentrate on encrypting sensitive columns, with something like Always Encrypted, before getting too concerned about TDE on public information. Encryption, defense in depth, etc. is the way things are going.



