Transparent data encryption

One of the options on how to encrypt the data in the database is transparent data encryption. This feature is available since SQL Server 2008 and works on the I/O level. Both file types--data and log--are encrypted on the disk and SQL Server does the encryption once the data is written to disk and decryption once the data is retrieved from the disk into memory. This encryption works on the page level and does not have an effect on the size of the database.

Data encryption is totally transparent to the application, so you can turn on the encryption for any database and any application. This encryption is symmetric using a database encryption key (DEK), which is stored in the database boot record and is protected ...

Get SQL Server 2017 Administrator's Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.