Pages

Implementing Transparent Data Encryption (TDE)

Steps involved to implement TDE

Step I - Create Mater Key in Master Database

USE master;
GO

CREATE MASTER KEY
ENCRYPTION BY PASSWORD = 'KeepSafeDB2014';
GO

Step II - Create Certificate in Master Database

USE master;
GO

Create certificate TDECert
with subject = 'Cert Used for TDE';
GO

Step III - Create Database Encryption Key on “TDE_DB” database

USE TDE_DB;
GO

CREATE DATABASE ENCRYPTION KEY
WITH ALGORITHM = AES_128
ENCRYPTION BY SERVER CERTIFICATE TDECert;
GO

Step IV - Enable TDE on TDE_DB database

USE TDE_DB;
GO

ALTER DATABASE TDE_DB
SET ENCRYPTION ON;
GO