(DOCSP-45910) Revises per explicit edits from v1 review. (#54)

erabil-mdb · web-flow · commit d98500b99a70 · 2024-12-11T13:30:57.000-07:00
diff --git a/source/data-encryption.txt b/source/data-encryption.txt
@@ -23,16 +23,18 @@ Features
 Encryption in Transit
 `````````````````````
 
-Encryption in transit secures data during transmission between clients and servers, preventing unauthorized access or tampering.
-In |service|, all network traffic to {+clusters+} is protected by Transport Layer Security (TLS), which is enabled by default and cannot be disabled.
+Encryption in transit secures data during transmission between clients and servers, 
+ensuring that your data cannot be inspected while in motion.
+In |service|, all network traffic to {+clusters+} is protected by Transport Layer 
+Security (TLS) 1.2+, which is enabled by default and cannot be disabled.
 Data transmitted to and between nodes is encrypted in transit using TLS, ensuring secure communication throughout.
 
 Encryption at Rest
 ``````````````````
 
 Encryption at rest ensures that all data on disk are encrypted.
 In |service|, customer data is automatically encrypted at rest.
-This process utilizes your cloud provider's disk encryption, with the provider managing the encryption keys.
+This process utilizes your cloud provider's disk encryption, with the provider managing the encryption keys. This process cannot be disabled.
 Additionally, you have the option to enable database-level encryption, allowing you to use :ref:`your own encryption keys <security-kms-encryption>`
 with AWS Key Management Service (KMS), Google Cloud KMS, or Azure Key Vault.
 
