At-Rest Encryption for Complete Data Protection
Many developers using hosted database solutions like Amazon RDS or Microsoft Azure are familiar with the “encrypt at rest” checkbox provided by their host. This will provide a modicum of security, but only defends your data against a narrow set of potential threats. Instead, we’ll discuss both the threats this feature does and does not protect against and some practical approaches to handling the uncovered edge cases. Attendees will learn how their application can both encrypt and decrypt data before communicating with an external data store for complete data protection.
By the end of this session, you will have learned:
- The difference between encryption at rest and in transit
- Some of the approaches to end-to-end data protection
- How to construct an application that handles protected data securely