Encryption on SQL Server
The features of AIP are useful when it comes to protecting end user information and data, but in many ransomware cases where data is exfiltrated, attackers also manage to copy the contents of databases.
In many organizations, you have maybe hundreds of Microsoft SQL databases and other database engines that might contain sensitive information that you do not want to fall into the wrong hands.
So, what options do we have for protecting these databases? Microsoft SQL Server databases running on Windows Server are, by default, not encrypted, that is, neither the communication flow nor the data contained in the databases.
However, there are a couple of features that can be used to encrypt both:
- Transparent Data Encryption (TDE): Encrypts databases at rest on the storage device.
- Always Encrypted: Automatically encrypts data, not only when it is written but also when it is read by an approved application. The server administrator does not have...
