I have read that one practice to secure the data at rest is to keep the database in encrypted way. But this raises one question in my mind that won't this mean that indices will no longer work on the database?.
Asked
Active
Viewed 47 times
0
-
The question is very generic. Keep it encrypted where, at AWS RDS? – Marcin Jun 19 '21 at 09:01
-
@Marcin. Actually, this is not related to AWS at all. This is indeed generic, where we are keeping database encrypted stored natively at our own servers, but to keep data at rest secured, we are keeping database encrypted. – grit639 Jun 19 '21 at 09:03
-
I see. Sorry, I don't know. – Marcin Jun 19 '21 at 09:06
-
Yes and no. Most (all?) common databases offer their own optional encryption features. In this case the encryption and decryption is handled by the database transparently, so that effectively when you are using it the database appears to be unencrypted but at rest it appears to be encrypted. But if you encrypted the data yourself and inserted encrypted data into the database then, yes, you would need to something special. This "something special" is full topic on its own, see [this article.](https://paragonie.com/blog/2017/05/building-searchable-encrypted-databases-with-php-and-sql) – President James K. Polk Jun 19 '21 at 14:23