Your suggested change has been received. Thank you.

Suggest A Change

Thank you! Your suggestion has been submitted.

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

There are some errors in your form.

Your Name This field is required

Your Email This field is required

How can we improve this content? This field is required

Administration
Release Notes

All

All

Administration

FAQs

Please Note:

Administration
Quick Start
Additional Deployment Methods
- Install CDP on a SQL Server node configured with availability group
- Install multiple meta-databases on a single SQL instance
- Install CDP on a passive machine in a SQL Server cluster
  - Install CDP on a passive machine in a SQL Server cluster
  - Manually install CDP on a passive node in SQL Server cluster
Tasks
- Encrypt a column
- Decrypt a column
- Re-encrypt data with new key
- Configure column-level encryption settings
- Set encryption parameters for multiple columns
- Delete data after encryption or decryption
- Delete views and triggers
- Recreate view and triggers
- Altering encrypted tables
  - Add unencrypted column
  - Add column to encrypt
  - Delete decrypted column
  - Delete encrypted column
  - Resize unencrypted column
  - Resize an encrypted column
  - Grant/revoke table and column permissions
- Upgrade CDP
  - Upgrade CDP in clustered environment
  - Upgrade a standalone CDP
- Uninstall CDP
- Upgrade database version
- Obscure Password
- View job history
- Export keys from CipherTrust Manager
- Fast search on encrypted data
- Map database user or role to CipherTrust Manager user
- Configure SSL connection
Advanced Topics
- Planning Encryption
  - Standard Encryption
  - Format Preserving Encryption
- Encryption Flow
- Key caching
- Configuration Parameters
  - Network Configuration Parameters
  - Connection Configuration Parameters
  - Local Encryption Configuration Parameters
  - Logging Parameters
  - SSL Configuration Parameters
  - SQL Server Specific Configuration Parameters
- Tables and Views
- Database Objects
  - UDFs for Standard Encryption
  - UDFs for FPE
  - Examples of Direct UDFs Calls
- Sample for setting encryption parameters for multiple columns
- User Mapping
- Error Replacement
- Limitations
Tips and Best Practices
Troubleshooting
FAQs

CDP for MSSQL
Administration
FAQs

FAQs

Can I download keys from CipherTrust Manager and use them in CDP?
Yes. You can download keys from CipherTrust Manager. Once the keys are cached, the cryptographic operations can continue without access to the server, and thus improves the performance.
Can I use versioned keys for encryption?
Yes. CDP supports encryption using versioned keys. However, you can encrypt only with the active versions of a key.
What happens to the primary key during encryption?
The primary keys are dropped during encryption. You must manually recreate primary keys if you want to preserve the conditions established by the primary keys.
Can I delete un-needed data after encryption/decryption?
Yes. After you encrypt your table, a new row of encrypted data is added, but the original data still exists in plaintext. Likewise, after decrypting your data, the ciphertext remains on the table. We strongly recommend you to delete this data.
Can I encrypt data while retaining the format?
Yes. CDP supports encryption of well formatted data and preserves the formatting even after encryption. Refer to Format Preserving Encryption (FPE) for details.
How will I ensure the integrity of the encryption key?
The best way to ensure the integrity of the key is to rotate them on regular basis. Key rotation should be included as a regular part of your security maintenance plan.

On this page

CDP for MSSQL

© Copyright 2019-2024, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Support
- Support Contacts
- Text Conventions
Legal

© Copyright 2019-2024, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com