RDS SQL TDE feature is disabled

Data protection

RDS SQL TDE feature is disabled

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

AliCloud CIS

Description

Alibaba Cloud ApsaraDB for RDS is an online database service for easy operation, manage and scale relational databases. TDE (Transparent Data Encryption) is a feature that helps to protect the data on the SQL database by encrypting the data that is being written to the disk and decrypting the data that is being read from the disk to memory. It was found that the instance '{AliCloudRdsDbInstance}' doesn't have TDE enabled and therefore the data at rest is might have a greater chance of being the subject of malicious activity.

Recommended Mitigation

It is recommended to enable TDE in all SQL instances that support this feature in order to improve the security of data at rest against malicious activity. To enable TDE on MySQL instances, follow the instructions at: https://www.alibabacloud.com/help/doc-detail/96121.htm. To enable TDE on SQL server instance, follow the instructions at: https://www.alibabacloud.com/help/doc-detail/95716.htm

RDS SQL TDE feature is disabled

Description

Need help?