Azure SQL doesn't support many of the encryption features found in SQL Server (Table and Column encryption). What is the best practice for doing application level encryption into a database that doesn't support encryption? Also need
- Key rotations
- metadata mapping of which tables and which columns are encrypted. This is simple when it's just couple of columns (send an email to all devs/document) but that quickly gets out of hand
If someone would like to recommend a library, I'd be happy to stay away from "DIY" too.
Best Answer
I think that your problem can be solved with the MS framework called "Trust Services". Buck Woody explains in this article how you can use it to solve problems of encrypted data with SQL Azure. From his article, a short description about how to use Trust Services:
Further reference: