[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-28 UTC."],[],[],null,["# Data encryption in transit\n\nThis page describes how Google and Spanner encrypt data in transit.\n\nOverview\n--------\n\nGoogle employs several security measures to help ensure the authenticity,\nintegrity, and privacy of data in transit.\n\nSpanner APIs are hosted on Google Front Ends (GFEs) and [encrypt data\nin transit by default](/docs/security/encryption-in-transit#encryption_in_transit_by_default).\nTo learn more about how Google encrypts data in transit, see the\n[Encryption in transit](/docs/security/encryption-in-transit) whitepaper.\n\nWhat's next\n-----------\n\n- Learn more about [Access control with IAM](/spanner/docs/iam).\n- Learn more about [Fine-grained access control](/spanner/docs/fgac-about).\n- Learn more about [Customer-managed encryption keys (CMEK)](/spanner/docs/cmek)."]]
