Technology Reference

Encryption at Rest

Data ProtectionMedium ComplexityLearning: Medium

All data stored in Databricks is encrypted by default — AES-256

// Guidance

Decision Guide

✓

✗

// Details

Vs Customer Managed Keys

platform managed:: Zero config, automatic rotation, no operational overhead
customer managed:: Key custody, custom rotation, revocation capability, operational overhead
verdict:: Platform-managed is sufficient unless regulation requires key custody

// Related

1 controls use Encryption at Rest for implementation.

See how Encryption at Rest compares to other access control approaches with our detailed comparison table.