Hi
In Multi-domain Infrastructure, we have recently switched to use Windows Authentication to connect to our db instances. We are using the runas.exe command to lauch SSMS as the domain\username from our laptops running in our local domain. It has come to our attention during a recent security scan that the initial connection to the db is not secure and a plain text payload can be viewed containing instance name, domain user name, etc... Do you have any experience/advice as to how we can make this connection secure?
I dont want to add force encryption because that's a performance impact-
SQL Server on 2014 - so is there anyway i can use always encrypted for 2014 or any recommendations for this ?