Database Encryption At Rest - Amazon RDS internal vs. application level

We need to ensure our software is compliant with Amazon Marketplace Web Services (MWS) conditions of use. One key area is database encryption at rest for PII.

We use Amazon RDS and have encryption at rest enabled already. On its own, this is our perfect solution as it allows simple data access and search from within our application.

In addition to the encryption provided by RDS, there are a lot of solutions available to repeat and/or replace this at an application level, i.e. a function is used to encrypt and decrypt the data into and out of the database. We have a simple encryptable trait on our models that uses Crypt to encrypt and decrypt models into and out of the database. This is simple and works well for this one purpose, but it prevents simple searching of records, which is a key part of our application.

My question is... are both of these necessary? Amazon will be able to approve/disapprove our plan either way but I wonder more from a pragmatic viewpoint.

My thoughts are:

  • If the webserver is compromised then either way our data is likely to be exposed.

  • If the database server is compromised, whether we use RDS integrated encryption and/or our own, the data is secure.
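As an added illustration (not from the question or from any project's code), a Python sketch of what the "encryptable trait" approach costs in searchability: a randomized encrypt-then-MAC stand-in for Crypt (a toy HMAC-based keystream, not a production cipher and not Laravel's Crypt) over an in-memory SQLite table. The key and the sample e-mail addresses are constructed for the demo.

```python
import hashlib
import hmac
import os
import sqlite3

# Constructed demo key; a real deployment would pull this from a secrets manager.
KEY = hashlib.sha256(b"constructed demo key, not a real secret").digest()


def _keystream(nonce: bytes, n: int) -> bytes:
    # Toy CTR-style keystream derived with HMAC; stands in for a real cipher.
    out, counter = b"", 0
    while len(out) < n:
        out += hmac.new(KEY, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n]


def encrypt(plaintext: bytes) -> bytes:
    # Fresh random nonce per call: equal plaintexts give different ciphertexts,
    # which is exactly what breaks WHERE-clause equality search in the database.
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(nonce, len(plaintext))))
    tag = hmac.new(KEY, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(KEY, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication tag mismatch")
    return bytes(a ^ b for a, b in zip(ct, _keystream(nonce, len(ct))))


def demo(target: bytes = b"alice@example.com") -> tuple:
    # Returns (rows found by SQL on ciphertext, rows found after decrypting in the app).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, email BLOB)")
    emails = [b"alice@example.com", b"bob@example.com", b"alice@example.com"]
    db.executemany("INSERT INTO customers (email) VALUES (?)", [(encrypt(e),) for e in emails])
    # The database only ever sees ciphertext, so an equality search finds nothing.
    sql_hits = db.execute("SELECT count(*) FROM customers WHERE email = ?",
                          (encrypt(target),)).fetchone()[0]
    # The application has to fetch and decrypt every row to search at all.
    app_hits = sum(1 for (blob,) in db.execute("SELECT email FROM customers")
                   if decrypt(blob) == target)
    return sql_hits, app_hits
```

RDS encryption at rest, by contrast, is transparent to the SQL layer, which is why it leaves the search working; the application-level layer only pays off in the scenario where someone holds the database contents without the application key.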

