Stronger Security Via Always Encrypted in SQL Server 2016

Kevin Kline

Published On: October 7, 2015

Categories: SQL Server 2016, Best Practices, Security, SQL Server 0

Prior to SQL Server 2016, your main method for encrypting a SQL Server application was to use a feature called Transparent Data Encryption. TDE provides strong encryption, but with some shortcomings. First, you have to encrypt an entire database. No granularity is offered at a lower level, such as encrypting specific tables or certain data within a table. Second, TDE encrypts only data at rest, in files. Data in memory or in-flight between the application and server are unencrypted. Enter Always Encrypted.


Originally Posted October 07, 2015