Encryption at rest
06 November 2017 12:10 PM
|
|
SummaryDoes MarkLogic provide encryption at rest? MarkLogic 9MarkLogic 9 introduces the ability to encrypt 'data at rest' - data that is on media (on disk or in the cloud), as opposed to data that is being used in a process. Encryption can be applied to newly created files, configuration files, or log files. Existing data files can be encrypted by triggering a merge or re-index of the data. For more information about using Encryption at Rest, see Encryption at Rest in the MarkLogic Security Guide. MarkLogic 8 and Earlier releasesMarkLogic 8 does not provide support for encryption at rest for its own forests. Using Amazon S3 Encryption For BackupsIf you are hosting your data locally, would like to back up to S3 remotely, and your goal is that there cannot possibly exist unencrypted copies of your data outside your local environment, then you could backup locally and store the backups to S3 with AWS Client-Side encryption. MarkLogic does not support AWS Client-Side encryption, so this would need to be a solution outside MarkLogic. See also: MarkLogic documentation: S3 Storage. See also: AWS: Protecting Data Using Encryption. | |
|