Getting started with Edge Encryption Successful implementation of Edge Encryption requires planning and preparation. Answer the following questions in the planning stage. Which fields are to be encrypted? Which encryption types are to be used? How many Edge Encryption proxies are needed? If an order preserving encryption type is to be used, where will the MySQL instance be located? Which key management system is to be used? How are browsers to be set up to access an Edge Encryption proxy? System administrators, network administrators, and security team members have different tasks to fulfill for implementing Edge Encryption. System administrators need the security-admin role. The system administrator needs to: Download the Edge Encryption proxy application. Set up an Edge Encryption user account for the proxies to use to connect to the instance. The user must be assigned the edge_encryption role. Configure Edge Encryption on the instance. Schedule encryption jobs. Monitor Edge Encryption. Create and edit encryption rules. Your network administrator needs to: Install the Edge Encryption proxy application. Know network addresses for proxy servers, and the database server used with order-preserving encryption. Install the database to be used with order-preserving encryption. Start and stop the proxy applications. Perform encryption key management. Determine how to map users to encryption proxy applications. This can be done with DNS settings or routing rules, and is specific to each network. Deal with the issues of using multiple encryption proxy applications. Your security administrator must determine the encryption types to be assigned to each field.