Currently, data is retrieved in plain text when BCP is running against a table that supports encrypted columns, and the user has permission to view the data in the columns.
The new BCP command line option (-C) allows bulk movement of cipher-text data for authorized users. For this to occur, you must use the -C option, and the table located on the server must support encrypted columns. This results in a SQL command, set ciphertext=on, to be sent to the server before initiating any bulk library routines to produce cipher-text.
If the new option -C is present and the server does
not support encrypted columns, no error will be generated. Instead,
BCP will send the SQL command based on the presence of a table, sysencryptkeys.
If a SQL command fails when this table is present, it is considered
a fatal error.
