Always Encrypted

Blog by Kasper on BI: Use Always Encrypted data with SSAS and Power BI

Episode Quotes

“There’s no security that’s completely foolproof. There’s always some penetration holes, there’s always someone that needs to be the master of the keys.”

“You have Always Encrypted available to you and it just makes life a lot easier, and the ability to encrypt data without going through a lot of work.”

“It is not the be-all-end-all, it’s just yet one additional hurdle we can put between us and malicious hackers.”

“No one’s going to want to take on extra responsibility, typically it has to come from the top and they have to mandate it.”

Listen to Learn

00:40     Intro
01:24     Compañero Shout-Outs
01:54     SQL Trail
02:43     SQL Server in the News will start picking back up soon
03:10     Intro to the guest and topic
05:42     What exactly is the purpose of Always Encrypted?
08:30     Applications need access to the data
09:37     Why Always Encrypted, when there are algorithms out there that I can use?
12:49     The deterministic and randomized settings
15:25     Sam’s recommendation on when to use Always Encrypted
16:38     Always Encrypted is on by default in Azure?
17:38     Request for input from listeners who are managing keys on-premises
20:47     What if you’re using a third-party hardware security module?
21:27     A ‘gotcha’ with Always Encrypted and a compare/contrast of TDE and AE
24:48     How responsibilities with Always Encrypted should be shared
26:03     Last thoughts on Always Encrypted
28:04     SQL Family Questions
33:58     Closing Thoughts