


It's a good idea to use a single type of encryption algorithm for all data - although there may sometimes be logistical constraints that make this impossible.

Standardize the method of storage encryption If access policies grant everyone - including unauthenticated users - access to the data, then encryption becomes meaningless. Excessively permissive access control policies can undermine the security benefits gained with storage encryption. Although this best practice might seem to have little to do with storage encryption at rest, there is a reason for its inclusion here. Regularly review the access control permissions for data. Here are three best practices for working with storage encryption at rest.
