Encryption at rest
We see security as a crucial subject and we believe this should be a built-in feature, not an option.
To prevent data leaks, we already encrypt all in-transit data, including the network traffic between all of our hypervisors. We're acting as if we had absolutely no trust in the underlying private networks we use.
We also need to encrypt all customer data stored at rest, without any action required from the user. Once this feature is deployed in production, all customer data stored on our hypervisors will be encrypted using AES256.
Our hypervisor SSDs should already be erased when they are decommissioned, this will simply add another layer of security to prevent data leak in case of a process failure.
marked this post as