As in earlier versions, Adaptive Server 15.0.2 encrypts keys using the system encryption password by default. The SSO or key custodian sets the system encryption password using:
sp_encryption system_encr_passwd, 'password'
Using a system encryption password simplifies the administration of encrypted data because:
Key management is restricted to setting up and changing the system encryption password.
You need not specify passwords on create and alter encryption key statements.
Password distribution and recovery from lost passwords are not required.
Privacy of data is enforced through decrypt permission on the column. Restricted decrypt permission reinforces this privacy against the power of the administrator. See “Restricting decrypt permission” for more information.
