is render using encryption at rest for it’s postgres DB? If so, what type of encryption? Can you provide this or provide more details? Our data partners require us to go through security audits where we will need to prove this.
If render cannot prove the encryption then we might have to switch away from render.
Yes, we encrypt all database volumes/disks. The encryption is handled by our upstream provider and you can read more about the type of encryption here. Let me know if I can answer any other questions.
Databases in Frankfurt are run on AWS, not GCS — does the same answer apply regarding encryption at rest?
In addition, are the database backup snapshots taken also encrypted at rest?
FYI, Security & Trust | Render · Cloud Hosting for Developers suggests the answer is yes:
Render encrypts all sensitive data, both at rest and in transit. The underlying services automatically use industry standard AES-256 encryption for storage. All endpoints support TLS 1.2 and above for encryption in transit with an A+ grade from SSL Labs.
(I would regard my database backups as sensitive, as would any sane developer.)