0

We are building an application using .NET and SQL Server 2012. Currently it works fine. For some new changes we want to encrypt few sensitive columns in the tables and also want to move the to SQL Azure.

Was Googling and found that SQL Server 2016 has a new feature - "Always Encrypted" which requires .NET 4.6 & SSMS version to be 13.0+

Now that I am using SQL Server 2012 is there a way to make use of Always encrypted feature while moving to Azure? Any workarounds / alternatives / pointers on this would help.

Nikhil Vithlani - Microsoft
  • 797
  • 5
  • 13
prasanth
  • 483
  • 1
  • 4
  • 11

2 Answers2

2

Fortunately Always Encrypted is available in Windows Azure SQL Database (WASD), see https://msdn.microsoft.com/en-us/library/mt163865.aspx. But to start using it you will first have to either migrate your current environment to SQL 2016 and make the changes to your application to take advantage of the Always Encrypted features, or migrate to Windows Azure SQL Database first, and tackle the Always Encrypted second.

Before moving to WASD, you will want to spin up a development instance, deploy your database schema, and any configuration or lookup data. After you have your development instance, verify your application can use this new instance.

For your sanity, tackle these issues in two steps, not one.

Shannon Lowder
  • 482
  • 3
  • 12
  • Do you mean I need to first setup a SQL Server 2016 development instance? or is there any WASD flavour available for development purpose? – prasanth Oct 14 '16 at 17:14
  • The development instance would be any database you create in Windows Azure. There are several pricing options to choose from. From basic $5/month to Premium $1000/month. After you create the database, deploy your schema to it, and then start testing your application can work with WASD. – Shannon Lowder Oct 18 '16 at 11:43
1

I'm a Program Manager at Microsoft. Just to confirm/add to what Shannon stated:

Always Encrypted is supported in SQL Server 2016 and in Azure SQL Database and the feature is identical on both platforms. Here is a tutorial with an Always Encrypted example for Azure SQL DB: https://azure.microsoft.com/en-us/documentation/articles/sql-database-always-encrypted/.

You can also use Always Encrypted in a SQL Server Virtual Machine in Azure(https://azure.microsoft.com/en-us/services/virtual-machines/sql-server/), if you choose to provision SQL Server 2016 in the VM.

Jakub Szymaszek - Microsoft
  • 586
  • 3
  • 3