SQL Data Warehouse PolyBase support for Azure Storage Encryption using customer-managed keys
Posted on 05 June 2018
Ensuring that your data is secure throughout your architecture is critical for any mission-critical analytics solution. Recently, Azure Storage released Storage Service Encryption using customer-managed keys in Azure Key Vault, which enables you to encrypt your storage data with your own keys in Azure Key Vault.
PolyBase in Azure SQL Data Warehouse, the preferred loading mechanism, can transparently read data from the encrypted storage layer and move the data in a secure way by using the WASBS protocol. This helps ensure that the data is secure at rest in Azure Storage, in flight via PolyBase, and in SQL Data Warehouse with transparent data encryption. These three features work together to help protect your data end to end on Azure.