In addition to access control, encryption is a second effective and easy-to-implement form of protection. There are two types of encryption: transport encryption and data encryption.
Transport encryption secures the data during the connection from the application over the Internet to the public cloud and back. The TLS 1.2 protocol is usually used for this. If available, the newer version TLS 1.3 should be activated. With some providers, it is not certain whether this connection is an end-to-end connection that reaches the actual database server. They often have a load balancer in between, which terminates the secure connection. It may then connect to the database via a second secure connection. An end-to-end connection that leads directly to the database is ideal.
As usual, connections with transport encryption are authorized via a certificate. In most cases, this is one issued by an official Certificate Authority (CA). Alternatively, there is also the option of setting up a self-signed certificate when initially configuring the database australia telegram screening system. Only a few providers give the companies using it the option of bringing their own certificate. This option is required by some companies for compliance reasons.
Transport encryption alone does not provide sufficient security. The data should be encrypted when it is stored on data carriers. Otherwise, it is at least readable in plain text by the provider's employees.
Data encryption using AES (Advanced Encryption Standard) with a 128-bit key length prevents this.