Definitions

Transparent Data Encryption (TDE): A Microsoft SQL Server feature that performs real-time I/O encryption and decryption of data and log files to protect data at rest without requiring changes to applications.
Always Encrypted: A SQL server feature that provides client-side encryption with separation between data owners and data managers, encrypting sensitive data in the database, during transit, and while being processed.
Windows event logs: Windows logging system that records system, security, and application events, providing crucial audit trails and security monitoring capabilities for Microsoft workloads.
Performance counters: Windows-based metrics that provide detailed information about system and application performance, including security-related metrics for monitoring and alerting purposes.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Security

Design principles