{question}
What methods available to configure SingleStore for Encryption at Rest?
{question}
{answer}
Encryption at Rest
SingleStore is compatible with the below-mentioned at-rest encryptions. It allows you to protect all SingleStore DB information, including data files, backups, and logs, from unauthorized access. The process is also known as Transparent Database Encryption or TDE. Generally, with any encryption, before encrypting, we need to be sure that encryption of the File System is transparent to the applications running on the OS as if the application is working with the decrypted data.
Vormetric Transparent Encryption
VTE encrypts all protected SingleStore DB data with strong encryption. It's supported in SingleStore 7.1 or newer. If the encrypted data is obtained in any way by someone without keys to access it, it will be useless. Click here to learn more about integrating VTE.
IBM Guardium Data Encryption
IBM Guardium Data Encryption encrypts all protected SingleStore DB data with strong encryption. It's supported in SingleStore 7.1 or newer. If the encrypted data is obtained in any way by someone without keys to access it, it will be useless. Click here to learn more about integrating IBM Guardium Data Encryption.
LUKS (Linux Unified Key Setup)
LUKS encryption is supported even by the older version of SingleStore (6.8), which is already EOL. LUKS is the most widely supported one, yet it doesn't support an existing File System encryption. LUKS allows encryption of only newly created File System, which means File System had to be re-created. Click here to learn more about the LUKS setup process.
{answer}