On Premise users can add an additional layer of security to the Perspective database by encrypting it with Transparent Data Encryption (TDE), which is entirely transparent to the Perspective application.
When implementing TDE, all changes are done in SQL Server, no additional configuration is required, and there’s no impact on the application code or its functions when TDE is enabled on a database referenced by that application.
Because this encryption is a feature of Microsoft SQL Server, Resolver is unable to provide instructions on how to implement TDE. For more information, visit the Microsoft Developer Network site.
Any TDE-related tasks should be performed by advanced users only after reviewing their systems and consulting with Microsoft to determine the best course of action.
When TDE is enabled on a database, all backups are encrypted. Special care must be taken to ensure the certificate that was used to protect the DEK is backed up and maintained with the database backup. If this certificate (or certificates) is lost, the data will be unreadable. Resolver is unable to decrypt the data if the certificate is lost.
TDE will affect the performance of Perspective. For low CPU functions, there will be only a small impact, but high CPU functions can affect performance by up to 28%. If you’re using both SSL and TDE, your performance may be affected further as the information will be encrypted for transmission from the server and re-encrypted for transmission over web services. Please take this into consideration when setting up TDE.
TDE is available only for the Enterprise and Developer editions of Microsoft SQL Server 2008 or later.