Microsoft announced the features by editions for SQL Server 2019. Click here for more information.
There is one feature that stands out as new to the standard edition: Transparent Data Encryption, which is in SQL Server 2019 and is available in standard edition. For those of you that don’t know what TDE does, Transparent Data Encryption (TDE) encrypts SQL Server data files at rest.
If you are trying to build a secure application, there a few things that you can do to help secure your databases, including:
- Design a secure application
- Encrypt confidential assets
- Build a firewall around the database servers
In a situation where the physical media, such as drives or tapes or even the files themselves, get stolen or fall into the wrong hands, these files can be restored or attached to another SQL Server instance or viewed using a hex editor. If this occurs, the thief/hacker can then browse your data. A possible solution is to encrypt the data in the database this encryption uses keys to protect the data. The keys are protected with a certificate so, if you don’t have the keys, you don’t have access to the data.
Up until now, TDE has been an enterprise-only feature. This limitation to standard edition has been detrimental to people who want to build a secure database application using SQL Server standard edition. Security is a critical area to all businesses in the modern day, so SQL Server users that have the ability to encrypt your data at rest, on-premises will help you build a more secure system.
For more information on SQL Servers, please see our previous blogs:
To the Cloud! SQL options in Azure
Introducing SQL Server 2019
Still running SQL Server 2008 R2 or later? You are missing out!
SQL Server Performance Tips
How Best To Secure Your SQL Server
SQL Server Security Tools