Maximum Transparency, Only Encryption.

This mode can also be called "Only data-at-rest encryption".

Very often vendors have a requirement to encrypt database files without restricting access for users. In this case, encryption is absolutely transparent. Additionally you may allow SQL statements to be visible by SQL Profiler and unencrypted backups.

Important: With default settings, DbDefence will encrypt and protect your database from unauthorized access. It will add an additional layer of security and all existing applications will lose access to the database. If you want maximum transparency and don't want additional access control, you need to change the settings before encryption.

To encrypt the database without access restrictions, press "Change Options" in DbDefence Encryptor before encrypting the database. On the following dialog, mark "Only Encryption" and "Allow SQL Profiling" (if required), as shown.

Allow Access

Popular Question: How can I see that the database is encrypted?

You may compare the content of the database (or backup) after encryption. Create a backup of the database before and after encryption, then open files with your favorite text editor. Windows Notepad can easily open and see small backups. To see the content of the database data file (.mdf), you need to stop the SQL Server instance or take the database offline. Database files are usually stored in the DATA folder of the SQL Server instance.

Here is the difference between unencrypted and encrypted files.

Encryption difference


Encrypted backup can't be restored without taking special steps. To learn more about backup/restore for an encrypted database click here. You may also setup unencrypted backups for the database