is render using encryption at rest for it’s postgres DB? If so, what type of encryption? Can you provide this or provide more details? Our data partners require us to go through security audits where we will need to prove this.
If render cannot prove the encryption then we might have to switch away from render.
Yes, we encrypt all database volumes/disks. The encryption is handled by our upstream provider and you can read more about the type of encryption here. Let me know if I can answer any other questions.
Render encrypts all sensitive data, both at rest and in transit. The underlying services automatically use industry standard AES-256 encryption for storage. All endpoints support TLS 1.2 and above for encryption in transit with an A+ grade from SSL Labs.
(I would regard my database backups as sensitive, as would any sane developer.)