General availability: Transparent Data Encryption for Azure SQL Database
Posted on 14 October 2015
Transparent Data Encryption (TDE) for Azure SQL Database protects your data and helps you meet compliance requirements by encrypting your database, associated backups, and transaction log files at rest, without requiring changes to your application. TDE for Azure SQL Database is based on SQL Server TDE technology, which encrypts the storage of an entire database by using an industry standard AES-256 symmetric key called the database encryption key. SQL Database protects this database encryption key with a service managed certificate. All key management for database copying, geo-replication, and database restores anywhere in SQL Database is handled by the service. To enable it on your database, in the Azure preview portal, click ON, and then click Save. Transparent Data Encryption for Azure SQL Database is built on the transparent data feature that has been running reliably on SQL Server since 2008. Updates to this core technology include support for the Intel AES-NI hardware acceleration of encryption. This reduces the overhead of turning on Transparent Data Encryption. For more information, see Transparent Data Encryption with Azure SQL Database.