Mendix Encryption for Rest

1
Hi all,   In the Mendix Documentation we found this quote: Mendix offers encryption for data at rest and in transit for app environments out of the box. For more encryption control, Mendix supports the encryption of specific columns within application databases and makes it possible to encrypt uploaded files.   How does this works? Is the data in Rest always encrypted? If Yes, which method is being used? TDE or DARE? If no, how can we encrypt our Rest calls the easiest way,   Thnaks for your help!    If no, are there ways to encryptour data using Rest?
asked
2 answers
1

Since your REST calls are all HTTPS your calls are indeed encrypted. But if you want for some reason on top of that additional encrypttion you would need to do that yourself. You could use your JSON payload and encrypt those and just send those encrypted strings to the other end. But they would then need to decrypt those strings back to JSON before they could be processed.

Regards,

Ronald

 

answered
1

‘Data at rest’ is in no way related to REST API's. In fact, it’s the opposite: when using REST API’s, your data is ‘in transit’ instead of ‘at rest’. You can read about the concept of data at rest at https://en.wikipedia.org/wiki/Data_at_rest .

 

The text also mentions that data ‘in transit’ is encrypted, and that is because Mendix only allows secure incoming connections (i.e https connections).

answered