First published on MSDN on Oct 14, 2015
I'm pleased to announce the general availability of Azure SQL Database Transparent Data Encryption to protect your data and help you meet compliance requirements by encrypting your database, associated backups, and transaction log files at rest without requiring changes to your application. Thousands of customer databases are already enjoying the security and compliance benefits of TDE and we invite you to join them.
SQL Database TDE is based on SQL Server’s TDE technology which encrypts the storage of an entire database by using an industry standard AES-256 symmetric key called the
database encryption key. SQL Database protects this database encryption key with a service managed certificate. All key management for database copying, Geo-Replication, and database restores anywhere in SQL Database is handled by the service – just enable it on your database with 2 clicks on the Azure Preview Portal (
:( click ON, click Save, done.
Transparent Data Encryption for Azure SQL Database is built on top of the same Transparent Data Feature that has been running reliably on SQL Server since 2008. We have made updates to this core technology that are available cloud first on Azure SQL Database, including support for Intel AES-NI hardware acceleration of encryption. This will reduce the overhead of turning on Transparent Data Encryption.
We hope this meets many of your needs for Encryption at Rest in a manner that lets you focus on the work that is important to you. For more information, see MSDN (link to
: TDE is also available for Azure SQL Data Warehouse