Always Encrypted is not supported for SharePoint. This is because SharePoint uses dynamic SQL queries that are not compatible with Always Encrypted, which requires parameterized queries. The only supported encryption methods for SharePoint are:
- Transparent Data Encryption (TDE). Encryption at rest.
- BitLocker can be used on the SQL database volumes. Encryption at rest.
- Information Rights Management (IRM can be used to encrypt the documents at the library level and protects the data in transit and in use. However, it does not protect the data at rest, and it requires Active Directory Rights Management Services (AD RMS) or Azure Rights Management Services (Azure RMS).