A symmetric encryption standard using a 128-bit key length from the Advanced Encryption Standard (AES) algorithm, widely used to protect data at rest and in transit.
- AES-128 is FIPS 140-2 compliant: It is accepted by regulatory frameworks including HIPAA, PCI DSS, and SOX for protecting sensitive data.
- SQL Server uses AES-128 as an option for: Transparent Data Encryption (TDE), backup encryption, and Always Encrypted column-level encryption.
- Provides a strong balance of security and performance: It is suitable for most enterprise database encryption requirements.
- DBAs should evaluate whether AES-128 or AES-256 is required: This decision should be based on data sensitivity and compliance mandates.
- Related Idera tools: SQL Secure audits encryption configurations to verify that databases meet required encryption standards.
- Related terms: AES-256, Transparent Data Encryption (TDE), Always Encrypted, FIPS compliance.
