I played around with TDE a couple of weeks ago, and I was surprised by how difficult it is to implement. I’d expected to be able to check a box, put in a password, and click OK, but it’s nowhere near that easy. Restoring encrypted databases from one server to another can also give DBAs a nasty surprise when they least expect it.
I’ve heard several DBAs comment recently about how SQL Server Management Studio is targeted more at developers than it is database administrators, and I think 2008 will reinforce that perception. Implementing TDE is a good example: there’s no wizard, there’s no obvious steps, etc. Right-click on a database and try enabling encryption, and there’s no obvious reason as to why the feature is disabled – the DBA has to dig through documentation to find out that a server certificate is required first. Ugh. TDE is a good first step towards secure data files, but any toddler will tell you that those first steps are always the toughest.
3 Comments. Leave new
Has this been enhanced or changed in SQL 2016?
Why not give it a shot and try? Developer Edition is totally free. Go for it!
I did find this url that has decent write-ups, now that TDE is available for 2019 Standard.
https://www.sqlservercentral.com/blogs/tde-in-standard-edition-on-sql-2019
We are looking at implementation.