Skip to main content

What is Transparent Data Encryption

Transparent Data Encryption was introduced in Microsoft SQL Server 2008. Its main purpose was to protect data by encrypting the physical files, both the data .mdfand log .ldf files. This technology was designed to have the entire encryption process be completely transparent to the applications accessing the database. TDE achieves this by using either Advanced Encryption Standard (AES) or Triple DES, encrypting the file pages and then decrypted as the information goes into memory. This inhibits limitations from querying the data in an encrypted database. This is essentially real time I/O encryption and decryption and does not increase the size of the database.

Database backups are also encrypted. In the event that a backup of the database gets lost or stolen, it will not be able to restore the database without the appropriate certificate, keys, and passwords.

  • Supported SQL Server versions: Microsoft SQL Server 2008 and higher versions with Evaluation, Developer, Enterprise, Data center edition.
  • You must run the TDE steps with the database admin privileges.

Was this article helpful?

We're sorry to hear that.