Last year, Microsoft announced that Transparent Data Encryption (TDE) would be part of SQL Server 2019 Standard edition. This was BIG news – TDE has been around since SQL Server 2008, but until now, it’s been for those lucky guys with Enterprise-deep pockets.
You can read about TDE here in one of my earlier blogs (which I now need to update!), but briefly, TDE encrypts your data files and log files at rest. It also encrypts your backup files. This is really important as, without encryption, the data you hold is at risk from anyone with access to the files, even if they can’t connect to the SQL Instance itself. Want to know how easy it is to read data from an unencrypted backup file? Read this post from Brent Ozar, and then take several deep breaths!
Now, I know what you’re thinking – you’re were one of those super-smart guys who put all their data in the cloud where it’s someone else’s’ problem, right? Well…let’s not forget that the “cloud” is still ultimately a physical data centre somewhere, and data centres get hacked.
The good news is that TDE is super-easy to implement and it’s very well documented. Once you make the leap to SQL Server 2019, put TDE high up your list of things to talk about. If we’re your DBAs, we can do this for you. If we’re not, come and talk to us.
Thanks for reading!