By Noam H. Arzt and Michael Berry
It is common practice today to encrypt data at rest, that is, data stored on servers. To build off an old adage, no one ever got fired for encrypting their data. But what protection does that really provide? Is just encrypting data enough?
First, let’s distinguish between three methods for encrypting data at rest.