---
title: RDS databases should be encrypted
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: Docs > Datadog Security > OOTB Rules > RDS databases should be encrypted
---

# RDS databases should be encrypted
 
## Description{% #description %}

Amazon RDS-encrypted database instances use the industry-standard AES-256 encryption algorithm to encrypt data on the servers hosting Amazon RDS DB instances. After the data is encrypted, Amazon RDS manages the authentication of access and decryption transparently, with minimal impact on performance. With RDS encryption enabled, all data stored on the instance's underlying storage, automated backups, read replicas, and snapshots is encrypted, enhancing the security of your data.

## Remediation{% #remediation %}

For instructions on enabling Amazon RDS encryption for a DB instance, refer to [Enabling Amazon RDS Encryption for a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html#Overview.Encryption.Enabling).