Up to this point, I’ve focused on cell-level encryption, which represents a significant portion of SQL Server’s encryption functionality. Cell-level encryption can be an extremely useful tool for targeted data encryption, but it does have some drawbacks. For one thing, a proper strategy involving cell-level encryption requires careful planning to balance the needs of security and performance. Cell-level encryption can be difficult, or impossible in some cases, to implement when you already have a database in production. The cost of refactoring a complex database (and its dependent applications) can be a significant deterrent to implementing cell-level encryption.