Transparent Data Encryption (TDE) - Database Reference Guide - Foundation 23.1 - Foundation 23.1 - Ready - OnBase - external

Database Reference Guide

Platform
OnBase
Product
Database Reference Guide
Release
Foundation 23.1
License

Transparent data encryption (TDE) is a method for encrypting the data throughout an entire database. The encryption is independent of the OnBase application and is managed exclusively by SQL Server. It protects data at rest (the data that resides in the physical database files) but does not protect any data in memory or data in transit to and from the application.

Implementing TDE may have an impact on performance due to the encrypting and decrypting of data as it is entered/modified/requested from the database. It is also important to note that implementing TDE will not only encrypt the selected database, but will also encrypt the tempdb on that SQL Server instance. Any other database installed on the same instance as the encrypted database will also inherit a possible performance impact when it needs to use tempdb because that database will need to encrypt and decrypt the data that travels through the tempdb. Where possible, it is highly recommended that performance metrics are captured before and after implementation to verify that the system performs appropriately. Additional information regarding Transparent Data Encryption can be found in Microsoft SQL Server Books Online.