Data Encryption

Introduction

Organizations need to protect application data at rest and in transit (especially in a cloud environment). Vault can encrypt and decrypt application data with an HTTP (TLS) API call. Key management, encryption algorithm, and more are offloaded and centrally managed by Vault.

In addition, Vault Enterprise offers an integration with HSM. Use FIPS 140-2 certified HSMs to ensure that Critical Security Parameters (CSPs) are protected in a compliant fashion.

Learning Path

Based on your organization's needs, refer to some or all of the guides provided on this track to get you started.