Empower your data with customer-managed encryption keys for Teradata VantageCloud Lake on AWS

You can now encrypt data at rest on VantageCloud Lake on AWS, ensuring your data remains fortified against the challenges of tomorrow.

Pavan Tumu
Pavan Tumu
March 19, 2024 2 min read

At Teradata, we believe that people thrive when empowered with trusted information. And we’re focused on continuing to deliver the most complete cloud analytics and data platform for trusted AI. In the face of increasing data breaches and cyber threats targeting data, every organization’s “crown jewel,” we recognize our customers’ need for advanced solutions to fortify their defenses. 

We are elated to share that customer-managed encryption keys (CMEKs) can now be used to encrypt data at rest on your VantageCloud Lake platform on AWS.

Elevate security with the pivotal advantages that CMEKs bring to life: 

  • Your data, your keys, your decision. Take the reins of your data destiny. With CMEKs, it's not just about protection; it's about control. Craft a security strategy that aligns with your organization's needs. You retain exclusive control of the creation, distribution/sharing, access management, and deletion of encryption keys used to protect your organization’s data. 
  • Dictate your own key rotation schedule. You have the freedom to tailor the key rotation schedule to your needs to enforce desired key management security policies. 
  • Minimize the impact of data breaches with CMEKs. When data security is in question, you can never be too careful. CMEKs arm you to act fast and respond to data breach threats. You can revoke access—or, in more severe situations, delete your keys—ensuring no one including, threat actors, Teradata, AWS, or even you can access or decrypt your data. 
  • Fine-tune your security with granular access control. CMEKs enable fine-grained access control, allowing administrators to define who can access and manage encryption keys. When paired with monitoring solutions, administrators can also easily discover who used the keys and when to access which resources. 

Implement CMEKs for VantageCloud Lake today 

Step confidently into an empowered data guardianship, ensuring your data remains fortified against the challenges of tomorrow. A more secure future with CMEKs begins now. For detailed instructions on how to configure CMEKs for your VantageCloud Lake workloads, please refer to this Knowledge Article. In introducing CMEKs, we also continue to maintain support for platform-managed encryption keys, should that be your preferred option. The power of choice is in your hands.


About Pavan Tumu

Pavan Tumu is a data geek by passion, an enabler by philosophy, a customer advocate by trade. As a Product Manager, he is specialized in data platforms: puddles, lakes, and seas ranging from POCs to 100s of PBs, and is currently focused on making the age-old contention of data democratization vs. security and compliance a little less painful—one conversation, feature, and process at a time. He’s a strong subscriber to the philosophy that the work is not done until a product is useful, usable, and used. He loves to engage with the developer community to enable them with latest product announcements and technical documentation, so they can graduate from feeling a product is useful to actually using it. 

View all posts by Pavan Tumu

Stay in the know

Subscribe to get weekly insights delivered to your inbox.

I consent that Teradata Corporation, as provider of this website, may occasionally send me Teradata Marketing Communications emails with information regarding products, data analytics, and event and webinar invitations. I understand that I may unsubscribe at any time by following the unsubscribe link at the bottom of any email I receive.

Your privacy is important. Your personal information will be collected, stored, and processed in accordance with the Teradata Global Privacy Policy.