About the integration
This guide describes how to enable HSM integration with Microsoft SQL Server Always Encrypted.
For more detailed information regarding Microsoft SQL Server and Always Encrypted, please refer to the documentation provided by Microsoft.
Microsoft SQL Server Always Encrypted
Always Encrypted is a feature in Windows SQL Server 2019 designed to protect sensitive data both at rest and in flight between an on-premises client application server and Azure or SQL Server database(s).
Data protected by Always Encrypted remains in an encrypted state until it has reached the on–premises client application server, this effectively mitigates man in the middle attacks and provides assurances against unauthorized activity from rogue DBAs or admins with access to Azure / SQL server Databases. Always Encrypted was designed to be used in conjunction with Transparent Data Encryption; however, TDE is NOT a requisite for implementing Always Encrypted.
UTIMACO CryptoServer HSM
CryptoServer is a hardware security module developed by UTIMACO IS GmbH. CryptoServer is a physically protected specialized computer unit designed to perform sensitive cryptographic tasks and to securely manage as well as store cryptographic keys and data. It can be used as a universal, independent security component for heterogeneous computer systems.
Are you interested in this document?
Simply add it to your collection. You can request access to this and other documents in your collection all at once via the blue basket on the right.