Does property encryption also encrypt corresponding value in BLOB?
My understanding is that if a property is optimised for reporting, the original unoptimised value remains in the BLOB, and that somehow both values (i.e. the value in the separate column, and the corresponding value in the BLOB) are kept in sync.
Suppose my client chooses to implement property encryption of this property (i.e. via a PropertyEncrypt access control policy listing this property) but not to implement encryption of the entire BLOB.
Since the BLOB is not encrypted, does this mean that the unencrypted value is still present in the BLOB and can still pose a risk of being intercepted by a data thief?
Or does the value in the BLOB somehow get encrypted?