![[Nutanix_Pukiwiki]](image/Nutanix_Logo.jpg "[Nutanix_Pukiwiki]"){kind=logo}
[[NutanixTerms]] * Protecting Data at Rest - Encryption: [#w29c4592] -Ref:http://en.wikipedia.org/wiki/Data_at_Rest#Protecting_Data_at_Rest_-_Encryption -Also Refer: http://en.wikipedia.org/wiki/Data_at_Rest >Data encryption, which prevents data visibility in the event of its unauthorised access or theft, is commonly used to protect Data in Motion and increasingly recognised as an optimal method for protecting Data at Res >Data encryption, which prevents data visibility in the event of its unauthorised access or theft, is commonly used to protect Data in Motion and increasingly recognised as an optimal method for protecting Data at Rest. The encryption of data at rest should only include strong encryption methods such as AES, RSA, and SHA-256. Encrypted data should remain encrypted when access controls such as usernames and password fail. Increasing encryption on multiple levels is recommended. Cryptography can be implemented on the database housing the data and on the physical storage the databases are stored. Data encryption keys should be updated on a regular basis. Encryption keys should be stored separately from the data. Periodic auditing of sensitive data should be part of policy and should occur on scheduled occurrences. Finally, only store the minimum amount of sensitive data as possible [[Learning]]
