Newly created Azure SQL databases will be encrypted at rest by default


Starting today, we will encrypt all new Azure SQL databases with transparent data encryption by default, to make it easier for everyone to benefit from encryption at rest.

The change in default will happen gradually by region. Anyone who wants to leave specific databases unencrypted can still do so by turning off transparent data encryption after the database has been provisioned. This change in default doesn't affect existing databases and databases created through restore, geo-replication, and database copy.

Transparent data encryption in Azure SQL Database has been generally available for two years. Since then, it has been widely adopted by the SQL database community because of the encryption-at-rest protection that it provides against unauthorized access to the database storage (data files, log files, and backups), because of its transparent nature (no application changes needed), and because of its low impact on workload performance.

To learn more about transparent data encryption, see:

To learn more about other ways you can increase the security of your SQL databases, see Securing your SQL database.


现在注册即获得 $200 Azure 信用额度


Visual Studio

订阅者每年可获得高达 $1800 的 Azure 服务



加入 BizSpark 计划并获得免费的 Azure 服务