Get Involved
Query: SQL managed instances should use customer-managed keys to encrypt data at rest
Description
Implementing Transparent Data Encryption (TDE) with your own key provides you with increased transparency and control over the TDE Protector, increased security with an HSM-backed external service, and promotion of separation of duties. This recommendation applies to organizations with a related compliance requirement.
Query
Tables used in this query:
Controls using this query: