Is SharePoint Server 2019 or SharePoint Server Subscription Edition compatible with SQL Always Encrypted?

Arthur 25 Reputation points
2023-09-15T09:52:02.08+00:00

Hello,

Is SharePoint Server 2019 or SharePoint Server Subscription Edition compatible with SQL Always Encrypted?

https://learn.microsoft.com/en-us/sql/relational-databases/security/encryption/always-encrypted-database-engine?view=sql-server-ver16

Unfortunately, I can't find any official sources on this; only SharePoint Server 2016 has a semi-official reference:

https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/sharepoint-2013-2016-and-sql-server-2016-supportability-with/ba-p/333312

Thanks a lot!

Regards,

Arthur

SharePoint Server
SharePoint Server
A family of Microsoft on-premises document management and storage systems.
2,333 questions
SQL Server
SQL Server
A family of Microsoft relational database management and analysis systems for e-commerce, line-of-business, and data warehousing solutions.
13,689 questions
0 comments No comments
{count} vote

Accepted answer
  1. Alberto Morillo 33,696 Reputation points MVP
    2023-09-17T05:00:14.9066667+00:00

    Always Encrypted is not supported for SharePoint. This is because SharePoint uses dynamic SQL queries that are not compatible with Always Encrypted, which requires parameterized queries. The only supported encryption methods for SharePoint are:

    1. Transparent Data Encryption (TDE). Encryption at rest.
    2. BitLocker can be used on the SQL database volumes. Encryption at rest.
    3. Information Rights Management (IRM can be used to encrypt the documents at the library level and protects the data in transit and in use. However, it does not protect the data at rest, and it requires Active Directory Rights Management Services (AD RMS) or Azure Rights Management Services (Azure RMS).
    3 people found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.