529 B
529 B
Exception
Creating encrypted storage is left up to the deployer to consider and implement. Although encrypting data at rest on storage volumes does reduce the chances of data theft if the server is physically compromised, it doesn't provide protection from a user who is logged in while the server is running.
Linux systems provide various options for storage encryption. The Linux Unified Key Setup is a good implementation to review.