2

More and more organizations are requiring that data like social security number (SSN) are not just encrypted on disk, but in the database itself. SQL Server offers 2 ways to do this, depending on the version. Cell level encryption would require special permissions at the database layer, not application, to decrypt the data. Always Encrypted does encryption and decryption at the application/user end and the data can be encrypted for administrators of the data and to SQL Server itself. Because of the sensitive nature of this application, it makes sense to allow the customer to select an encryption option for this type of data OR build it into the application without an option to disable it.

Category: Compliance
STATUS DETAILS
Declined
Ideas Administrator

Thank you for your suggestion. After careful consideration, we’ve decided not to proceed with this functionality at this time.After careful consideration, we’ve decided not to proceed with this functionality at this time. This posting is provided “as is” with no warranties, and confers no rights.