Home > Storage > ObjectScale and ECS > Product Documentation > ECS General Best Practices > Data at Rest Encryption
ECS provides server-side encryption to protect data on disk. Key management is either done automatically or specified by user. Enabling this ECS Data at Rest Encryption (D@RE) option is done at the namespace level or bucket level, allowing customers to control what level handles encryption. If encryption is at the namespace level, all buckets within namespace are encrypted unless encryption is disabled at bucket creation time. If encryption is not enabled at namespace level, buckets can enable encryption individually at create time.
D@RE best practices |
|