Skip to main content

    Power BI

    New

    SQL Server 2016 Always Encription features.

    Vote (82) Share
    's profile image

    on 08 Jun 2016 01:21:20

    Enable SQL data source properties configuration when SQL connection is create. This way, will be possible use features like SQL Server 2016 Always Encrypted, that needs the propertie "Column Encryption Setting=enabled". If it's possible, I don't find a way the use. I try configurate in Advanced Editor, but didn't work

    Comments (8)
    's profile image Profile Picture

    574fc0bd ea12-4865-927b-45c30547b68e on 05 Jul 2020 23:57:45

    RE: SQL Server 2016 Always Encription features.

    It is no good to have encrypted data if you can not decrypt and report on it. This absolutely needs to be considered by Microsoft. We are unable to deliver reporting solution at the moment, it is a mood killer for financial organisations.

    's profile image Profile Picture

    b3dae7f2 f7d9-4dff-b130-7dde3881e98c on 05 Jul 2020 23:51:16

    RE: SQL Server 2016 Always Encription features.

    This is a significant showstopper from the GDPR perspective. Right now, the workaround is to use a SSAS (not Azure AS) with DirectQuery mode, but that's a significant administration cost and a risk to manage, as well as unnecessary for companies that aim to go PaaS and SaaS.

    A native connector with Always Encrypted support (including Azure Key Vault providers) would unblock a lot of things when trying to store PII data on Azure.

    's profile image Profile Picture

    05f4ab60 85e5-e711-813f-e0071b6aa0e1 on 05 Jul 2020 23:48:31

    RE: SQL Server 2016 Always Encription features.

    I thought this might work using the generic ODBC connector as that connector has parameters for talking to Azure Key Vault. Unfortuneately I got a bunch of key vault errors like the following:

    OLE DB or ODBC error: [DataSource.Error] ODBC: ERROR [CE269] [Microsoft][ODBC Driver 17 for SQL Server][SQL Server]Error 12038 sending request to https://cjdsqlvault.vault.azure.net:443
    ERROR [CE263] [Microsoft][ODBC Driver 17 for SQL Server][SQL Server]Error verifying signature of ECEK.
    ERROR [CE202] [Microsoft][ODBC Driver 17 for SQL Server][SQL Server]The keystore provider AZURE_KEY_VAULT failed to decrypt the ECEK

    's profile image Profile Picture

    74e21274 abb2-4803-9111-0fef4964d2df on 05 Jul 2020 23:26:19

    RE: SQL Server 2016 Always Encription features.

    We need this to address requirements for financial and health data.
    You may use SSAS between database and power bi to decrypt data.
    Not a solution because someone needs to administrate SSAS !

    's profile image Profile Picture

    916fceb3 427a-47bf-8c58-2fb89129563b on 05 Jul 2020 22:53:58

    RE: SQL Server 2016 Always Encription features.

    When dealing with any database containing PII information which people want to run reports where grouping occurs on the PII field, this is very critical. Please make this a priority.

    's profile image Profile Picture

    84275d1f b627-4e93-8277-cd6e9aaf3288 on 05 Jul 2020 22:46:50

    RE: SQL Server 2016 Always Encription features.

    This is a must have for HIPAA compliance in PBI.

    's profile image Profile Picture

    2009fe62 e60d-4583-b542-90f668a0f213 on 05 Jul 2020 22:37:43

    RE: SQL Server 2016 Always Encription features.

    This would also apply to Azure SQL DB, this is requested more and more from our customers and is a necessary connection type.

    's profile image Profile Picture

    c41cd8bf df7a-4716-b632-07fe8737418b on 05 Jul 2020 22:32:56

    RE: SQL Server 2016 Always Encription features.

    This is must have feature for financial and healthcare customers who wants to leverage SQL 2016 AlwaysEncrypted feature.