On the surface, encrypting the database instance using SAP native encryption would appear to be sufficient to protect data at rest within the SAP HANA database. But, enterprises storing sensitive data in an SAP HANA database need to consider exactly where in and around the database sensitive data might reside -- even outside the direct control of the Database Administrators (DBAs). To give an example, an SAP HANA database might encounter an error causing it to send information with sensitive data into a trace file or an alert log.