Always Encrypted With Powershell

Jakub Szymaszek shows how to configure Always Encrypted support from Powershell:

Note: In a production environment, you should always run tools (such as PowerShell or SSMS) provisioning and using Always Encrypted keys on a machine that is different than the machine hosting your database. The primary purpose of Always Encrypted is to protect your data, in case the environment hosting your database gets compromised. If your keys are revealed to the machine hosting the database, an attacker can get them and the benefit of Always Encrypted will be defeated.

That’s a good warning.

Related Posts

Non-Administrative Powershell Remoting And January 2019 LCU

Emin Atac tests out a security change made in the January 2019 Latest Cumulative Update for Windows: My first concern was: if it’s a security vulnerability, what’s its CVE? The blog post answer is: CVE-2019-0543 discovered by James Forshaw of Google Project Zero My second concern was twofold. Is the chapter about A Least Privilege Model Implementation Using Windows PowerShell published in the […]

Read More

Getting Reporting Services Installation Details With Powershell

Josh Smith wants to find every installation of SQL Server Reporting Services on a machine: This is one of those posts so I never have to google this again (one hopes). Here is the PS code to pull back a set of details about every SSRS instance installed on a server including the SSRS instance […]

Read More

Categories

January 2017
MTWTFSS
« Dec Feb »
 1
2345678
9101112131415
16171819202122
23242526272829
3031