Getting started with Edge Encryption Successful implementation of Edge Encryption requires planning and preparation. Answer the following questions in the planning stage. Which fields are to be encrypted? Which encryption types are to be used? How many Edge Encryption proxies are needed? If an order preserving encryption type or encryption patterns are to be used, where is the MySQL instance located? Which key management system is to be used? How are browsers to be set up to access an Edge Encryption proxy? System administrators, network administrators, and security team members have different tasks to fulfill for implementing Edge Encryption. System administrators need the security-admin role. The system administrator needs to: Download the Edge Encryption proxy application. Set up an Edge Encryption user account for the proxies to use to connect to the instance. The user must be assigned the edge_encryption role. Configure encryption keys, and set the default keys. Configure Edge Encryption on the instance. Schedule encryption jobs. Monitor Edge Encryption. Create and edit encryption rules. Your network administrator needs to: Install the Edge Encryption proxy application. Know network addresses for proxy servers, and the proxy database server used for order-preserving encryption and encryption patterns. Install the proxy database to be used for order-preserving encryption and encryption patterns. Start and stop the proxy applications. Perform encryption key management. Determine how to map users to encryption proxy applications. This can be done with DNS settings or routing rules, and is specific to each network. Deal with the issues of using multiple encryption proxy applications. Your security administrator must determine the encryption types to be assigned to each field.