I was going through the examples for SQL column encryption as our Databases do store some sensitive data. I was able to create s Symmetric Key and a Certificate. Then using the function EncryptByKey, I encrypted a column. Good.
Here's my concern. I run these 2 queries:
select * from sys.symmetric_keys
select * from sys.certificates
Now my key name and certificate name appear. And I can use these to decrypt the column. So, it seems to me, the sensitive data is safe from the basic SQL User. However, any user with a little more SQL knowledge should be able to decrypt the data fairly easily.
So if anyone can explain what I'm missing or provide a good link on the topic, that would be helpful, thankyou.