Securing your data: Encryption at Rest for Silverstripe Cloud environments

At Silverstripe, we’re always looking for ways to strengthen the security and reliability of our Silverstripe Cloud platform because we know how much our clients depend on it every day. That’s why we’re excited to announce a significant improvement that will soon be in place across all environments: Encryption at Rest will become the default for data stored on Silverstripe Cloud.

Starting from September 2025, all new environments created in Silverstripe Cloud will be encrypted at rest by default. For existing environments, we’ll start rolling out encryption from October 2025.

This is more than a technical update—this is an important step toward improving your data protection posture, supporting compliance, and giving your security (and other) teams peace of mind.

What is Encryption at Rest?

Encryption at Rest means protecting data while it is stored (as opposed to “in transit,” where encryption protects data being transmitted over a network). Through encrypting data at rest, our platform ensures that even if someone were to gain access to the underlying physical hardware and systems, like hard drives or supporting services, the data remains unreadable without the proper cryptographic keys.

In Silverstripe Cloud Encryption at Rest will apply to:

• Databases: Data stored in your databases, automated backups, read replicas, and snapshots.
• File storage: All file-level data stored in Silverstripe Cloud will be encrypted using industry-standard AES-256 encryption.

Why this matters for you

We believe that strong security should be built into the foundation of any platform, and Encryption at Rest is one of the most effective, low-impact ways to reduce risk without disrupting your day-to-day operations.

Benefits for Silverstripe Cloud customers

Strengthens data security

Encryption adds a critical layer of protection. Even in the unlikely event that someone gains access to your storage system, the data remains scrambled and unreadable without the correct decryption keys.

Supports compliance requirements

Whether you're working with public data, commercial services, or handling sensitive information, Encryption at Rest aligns with common security frameworks and compliance standards including:

• NZISM (New Zealand Information Security Manual)
• ISO 27001
• GDPR (General Data Protection Regulation)
• NIST Guidelines

Having Encryption at Rest also makes it easier for you to respond to client security assessments and audits.

Builds and maintains trust

Data protection is a major concern for any digital organisation. By provisioning Encryption at Rest by default, we’re signalling to your stakeholders, whether internal teams, partners, or your own customers, that their data is being stored securely and responsibly.

Seamless and hands-off

Perhaps best of all, there’s no need for action on your part. Our cloud platform takes care of the encryption setup and integration behind the scenes. The experience for your development and delivery teams remains exactly the same, only safer.

What’s happening and when?

Here’s what to expect over the coming months:

• September 2025: All newly provisioned environments will be provisioned with Encryption at Rest by default
• October 2025: Silverstripe will begin migrating existing environments to services using Encryption at Rest. The Silverstripe platform team will be in touch with further details if any coordination is needed with your team. In most cases, this won’t be needed.

Our commitment to security

This change is part of our broader commitment to continuously improve the Silverstripe Cloud platform, not just for performance and reliability, but also for security.

We know our clients place a huge amount of trust in us to safeguard their websites, applications, and data. We take that trust seriously. Provisioning Encryption at Rest for all customers on our platform one more way we’re making sure your data is protected by default.

If you have any questions or want to learn more about how Encryption at Rest works within Silverstripe Cloud, feel free to reach out to our support team.

Let’s keep building a safer web, together.