Many developers using hosted database solutions like Amazon RDS or Microsoft Azure are familiar with the “encrypt at rest” checkbox provided by their host. This will provide a modicum of security, but only defends your data against a narrow set of potential threats. Instead, we’ll discuss both the threats this feature does and does not protect against and some practical approaches to handling the uncovered edge cases. Attendees will learn how their application can both encrypt and decrypt data before communicating with an external data store for complete data protection.

By the end of this session, you will have learned:

The difference between encryption at rest and in transit
Some of the approaches to end-to-end data protection
How to construct an application that handles protected data securely

Comments

Comments are closed.

David Sutphin at 21:11 on 23 May 2019

Good info on at-rest encryption and application-level encryption.