DynamoDB users have a new encryption option from Amazon Web Services, as the cloud leader continues to try and make it difficult to leave your precious data unsecured.
Customers of its NoSQL database — a type of database designed for performance and flexibility — can now specify that their data will be encrypted when it’s stored “at rest,” or when it’s inactive, AWS announced in a blog post Thursday afternoon. This isn’t a default option; you’ll have to enable it when you create a new database table.
AWS has taken several steps in recent months to improve and simplify the encryption and security options it offers its customers after some of those customers suffered several high-profile data leaks. In most (if not all) of those cases, bad security decisions by those customers led to the loss of their data, such as overriding default security features for convenience.
But there’s always room for improvement, and Thursday’s announcement also has a competitive angle. Microsoft’s Azure Cosmos DB, one of its bigger Azure product launches in 2017, is also a NoSQL database that encrypts data at rest by default.
You’ll have to be running your DynamoDB database in one of four regions — U.S. East (Northern Virginia), U.S. East (Ohio), U.S. West (Oregon), and EU (Ireland) — in order to take advantage of this new feature, but these types of things tend to roll out to other regions fairly quickly.