I understand that, by default, there is no encryption of the database at rest for Moodle. However, I wondered if anyone could tell me if it is feasible and what sort of impact this has had upon their LMS? We are running our our own dedicated server.
We have received a very specific request for "Database encryption at rest. This is not full disk encryption from a physical security perspective but we require file or field level encryption of our data. If/when a cyber adversary gets on your back end network and somehow exfiltrates the database, this must be encrypted".
I'm sure I can't be the only person with this query, but having trawled the forums there is not a lot of help around this issue - and certainly not much in the way of resolution. I have read in this post here that encryption would be largely pointless when using Azure, as whilst the server is up and running the data is unlocked anyway - but I'm not sure how this might apply to our dedicated server instance.
Can anyone assist?