I am using MariaDB's Data at rest encryption.
When firing the select query I can see the data as decrypted. After studying further this is the correct behavior.
But how do I even ensure that the data is even protected? How do I prove it to other people?
Your binary data folder can be found here:
mysql> show variables like 'datadir';
There you will find the raw files. If you have innodb_file_per_table on, it'll be easy to find the file that corresponds to your table.
For comparison, pick an unencrypted table. Open the binary file in a text editor (ideally a HEX editor but text editor should do). You should be able to see, among the binary markers, content of your table in plain text.
Next, open an encrypted file - there is no way you can decode it without the keyring.
On Linux,
You can check if your database files are encrypted by running strings on one of the .ibd storage files.
$sudo strings /var/lib/mysql/db_name/table_name.ibd
