Reputation: 10356
Amazon RDS Security - Is there any alternative to Encryption at Rest?
When using a Cloud DB Provider like the Amazon RDS service, the service is responsible for various things like patching / updates / backup etc, does that mean that Amazon employees have access to the data within the DB itself?
If so, is there any way of ensuring that the provider's employees do not have access - to potentially misuse the data?
One way that I am aware of is by using Encryption at rest i.e. have my application encrypt sensitive data before saving to the DB and decrypt it on retrieval. However, this is not only an overhead in terms of performance but also requires changes to my application itself.
I am guessing that most customers who contemplate using a cloud DB service would probably have this as their first concern but I am somehow unable to get any specific answer around this either from the Amazon help / RDS security notes.
Note : While I understand that this is not really a programming question but i do feel that its not generic enough for programmers so I am posting it here.
Upvotes: 2
Views: 3061
Answers (1)
Reputation: 6945
No, they don't. There is a ton of security around how data is managed and who has access to it. http://aws.amazon.com/security/
Upvotes: 1
Related Questions
- What are the benefit of encrypting AWS RDS instance
- How to secure AWS RDS master username and password?
- Use AWS API and RDS to securely access data
- AWS RDS Aurora cluster enable encryption
- How to validate that data inside an RDS database is encrypted at rest?
- Enable encryption on existing database - AWS RDS Postgresql
- AWS RDS VPC Security
- How to disable AWS RDS encryption?
- What is encrypting data at rest in database means?
- Amazon RDS and client MySQL database securely