security

Encryption at Rest

Definition

Encryption at rest protects stored data by encrypting it on disk so that physical access to storage media does not yield readable data. Cloud services typically offer default encryption using platform-managed keys, with options for customer-managed keys via KMS or HSM for regulatory requirements.

It complements encryption in transit (TLS) to provide defense-in-depth for data protection.

Related Terms

KMS

Key Management Service

HSM

Hardware Security Module

TLS

Transport Layer Security

← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product