What is encryption at rest?
Encryption at rest is a security measure that encrypts data when it is stored, as opposed to encryption in transit, which protects data while it is being transmitted. Previously, Tiptap supported transport layer encryption via TLS, ensuring that your data was secure during transmission. Now, we have extended our encryption capabilities to the application layer, meaning that all documents you create and store within Tiptap’s Cloud are fully encrypted when they are not actively being accessed.
While both application layer encryption and disk-level encryption offer important security benefits, application layer encryption provides a more comprehensive approach.
Why is this important?
In today’s digital landscape, data breaches are a constant threat. While encryption during transit protects data as it moves from one location to another, encryption at rest ensures that data remains protected even if the storage medium is compromised.
With application layer encryption, your documents are encrypted before they are written to the database. This means that even in the unlikely event of a database breach, your data remains encrypted and inaccessible to unauthorized users.
Encryption at rest adds an extra layer of privacy, ensuring that sensitive information within your documents is protected from potential threats.
How does it work?
When you create or modify a document in Tiptap, our system automatically encrypts the data at the application layer before it is stored in our database. This process is seamless and does not impact the performance or usability of the Tiptap Editor. Your documents are encrypted using advanced encryption standards, providing you with peace of mind knowing that your data is secure.
If you have any questions about encryption at rest, please write to us at humans@tiptap.dev.
