cancel
Showing results for 
Search instead for 
Did you mean: 

Head's Up! These forums are read-only. All users and content have migrated. Please join us at community.neo4j.com.

Neo4j encryption on data-at-rest

I'm looking for options to encrypt the data-at-rest. Please let me know for the details

5 REPLIES 5

Just use file/folder encryption on the Neo4j folder and children.

I'm new to this encryption , sorry for the silly questions I ask. Would you let me know how can I read from this encrypted folder from neo4j or java

Google: "security at rest"
All it means is that the data is encrypted when the machine is off. When the machine is on, you can access it just like any other data.

It has zero bearing on Neo4j, would not impact Neo4j operations, and can not be implemented by Neo4j. It is form of security applied at the OS or filesystem, not in your database.

Also, it only protects your data in the event someone physically steals the hardware the data is stored on. If you're discussing "encryption at rest", then you're discussing data-security. That is a deep and complex subject that requires specific expertise and study to fully understand the scope and methods of keeping data secure.

I strongly advise you seek assistance from a software security expert

Thank you Tony.. Do we have other option to encrypt the data at the database level which means that we will not be able to see the data in clear text until it is decrypted

Thanks in Advance

There are many ways to accomplish this, however they all come with risks and drawbacks.

You must have an encryption key when you add data to the graph, and when you need to read the data. Thus encrypting the data simply moves the risk from application itself, to the key and when/where you crypt.

Ultimately, you need to ask when must the data be un-encrypted. Once you have the answer to that question, you can define how/when to encrypt. However, if security is your concern, there are many other things worth considering first. Again, please get expert assistance. Proper security is not as simple as encrypting the data, and cannot be solved with a simple back-and-forth on a forum.