Encryption of your data is managed through encryption policies. When you create a policy, you specify which database object (table, index, LOB, or Type I area) to encrypt and the strength of the encryption cipher for the object. If you do not specify a cipher, the default, AES_CBC_128, is used. Creating a policy does not encrypt your existing data; it indicates that all future writes of the data is encrypted. See Encrypt your existing data for instructions on encrypting your existing data.

Encryption policies are created in several ways. See one of the following sections for more information: