Public preview: Always Encrypted for Azure SQL Database

Wednesday, November 4, 2015

Always Encrypted is a feature designed to protect sensitive data (such as credit card numbers) that are stored in Azure SQL Database. It ensures that sensitive data is encrypted and decrypted inside client applications or application servers by using keys that are never revealed to Azure SQL Database. As a result, even database administrators, other high privilege users, or attackers gaining illegal access to Azure SQL Database, are not able access the data. Always Encrypted makes encryption transparent to client applications. A SQL client driver (such as ADO.NET in .NET 4.6) that is enabled with Always Encrypted transparently encrypts the data that corresponds to sensitive columns before it passes the data to the database. It automatically rewrites queries so that the semantics to the application are preserved. Similarly, the driver transparently decrypts the data retrieved from encrypted database columns, and returns plain text values to the application. graphic1 For more information about Always Encrypted, see:

Free account

Sign up now and get $200 in Azure credit

Start free

Visual Studio

Subscribers get up to $1800 per year of Azure services

Activate now

Startups

Join the BizSpark program and get free Azure services

Learn more