Pieter Vanhove has an enclave, which is sort of like a Bat-cave:
Always Encrypted is a feature of Azure SQL and SQL Server that allows you to encrypt sensitive data in your database. The data is never exposed in plaintext to the database engine, or anyone who has access to it.
However, Always Encrypted has some limitations. For example, you cannot perform any computations or operations on the encrypted data, such as sorting, filtering, or indexing. Secondly, an initial encryption must be done on the application side which can be time consuming on a large set of data.
That’s where Always Encrypted with secure enclaves comes in.
Read on to see what secure enclaves give you, as well as how you can enable it and what changes your application might require.