Always encrypted is a new feature introduced to encrypt the in rest as well as during transport. It’s been quite long time the feature has been released to general public. In this encryption method the encryption will be done at the client side. Encryption keys can be stored in Azure vault, Windows certificate store in client server or in hardware module. Since the encryption keys doesn’t sit in the database engine it doesn’t reveal the actual data and even this is applicable for an administrators.