We're excited to announce that we'll be joining the One Trust family! Together we'll help companies get certified, build trust, and win deals. Find out more about it here on the Helm or check out our official press release. Feel free to leave a comment or question regarding the big news.
Soc2 Encryption at Rest in AWS S3
S3 comes with essentially 3 types of encryption at rest.
Server-side (AES256) with no keys
KMS with with AWS supplied key that can only rotate every 3 years
KMS with a Customer Management Key (CMK), that can be rotated once a year.
What is the minimal level of encrytion on S3 considered SOC2 compliant?