Encrypting data at rest to meet the FIPS 140-2 standard
Dynamics 365 has the capability of encrypting data at rest (with a customer-controlled key) for some attributes in order to comply with the FIPS 140-2 standard. Dynamics 365 online has data encryption enabled by default.
Note
It is recommended that you change the default encryption key when you first create your online instance.
Note
Dynamics 365 online has all its data encrypted at rest using SQL TDE as stated in https://technet.microsoft.com/en-us/library/jj134930.aspx#BKMK_Securing:All instances of Dynamics 365 (online) use Microsoft SQL Server Transparent Data Encryption (TDE) to perform real-time encryption of data when written to disk, also known as encryption at rest.
In this recipe, we will demonstrate how to enable encryption in an on-premise Dynamics 365 implementation.
Note
Note that once encryption is switched on, it cannot be disabled.
Getting ready
The user enabling the encryption must be a System Administrator and must be part...