We're setting up Encryption - TDE. My familiarity level is not great.
I was backing up the Certificates onto the SQL Server. Is there any point to the encryption if I leave them there? i.e. if I hacker breaks in and sees these, I'm worried they could take they .cert files along with the .bak files.
I'm asking because I understand ideally I should put the .cert files in a vault or something but our department hasn't yet determined what that vault should be.