Encryption at rest for MySQL

If you have MySQL installed and running on a Windows Server, you may want to look into BitLocker with TPM encryption plus PIN boot password. Even if the host OS is Windows but CentOS is a VM, this would suffice.

  • TrueCrypt
  • VeraCrypt

There's data-at-rest encryption: when the data is at rest on a server disk partition and not being accessed by some query, using OS-level full disk encryption such as BitLocker with TPM plus PIN boot password is fine per many regulations such as HITECH, HIPAA, etc.

Data-in-motion and access controls over who or what applications you allow to access the data are a different story, but I'd look into something of that nature or equivalent for data-at-rest encryption specifically.


You have several options:

If you want to encrypt the files containing the database, you have dm-crypt, which is included in the kernel, to provide that kind of security: https://gitlab.com/cryptsetup/cryptsetup/wikis/DMCrypt

If your app is outside the database machine and you also want to encrypt the communication, you can use the SSL option that is already included in MySQL: https://dev.mysql.com/doc/refman/5.6/en/ssl-connections.html

And you can descend to the application level and encrypt data on demand using the encryption functions that MySQL provides, like aes_encrypt: https://dev.mysql.com/doc/refman/5.6/en/encryption-functions.html
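
A sketch of the third option (column-level encryption with aes_encrypt), added here as an illustration and not part of the original answer. The table, column and variable names and the passphrase are hypothetical; it assumes MySQL 5.6.17 or later, where `block_encryption_mode`, `RANDOM_BYTES()` and the IV argument are available.

```sql
-- Added example; all names and sample values below are constructed.

-- The default mode is aes-128-ecb, which uses no IV and produces identical
-- ciphertext for identical plaintext blocks. Use CBC with a 256-bit key.
SET SESSION block_encryption_mode = 'aes-256-cbc';

CREATE TABLE patient_note (
    id         INT UNSIGNED    NOT NULL AUTO_INCREMENT PRIMARY KEY,
    patient_id INT UNSIGNED    NOT NULL,
    iv         BINARY(16)      NOT NULL,  -- per-row IV; not secret, stored in clear
    note_enc   VARBINARY(4096) NOT NULL   -- ciphertext, padded to a 16-byte multiple
);

-- Placeholder key derivation for the demo. In a real deployment the
-- application supplies the key from its own key store, so the key is never
-- part of the schema, a dump, or the disk image holding the data files.
SET @key = UNHEX(SHA2('constructed-demo-passphrase', 256));

-- Encrypt on write, with a fresh random IV for every row.
SET @iv = RANDOM_BYTES(16);
INSERT INTO patient_note (patient_id, iv, note_enc)
VALUES (42, @iv, AES_ENCRYPT('constructed sample note', @key, @iv));

-- What a reader of the raw table (or of a stolen backup) sees.
SELECT id, patient_id, HEX(iv) AS iv_hex, HEX(note_enc) AS note_hex
FROM patient_note;

-- Decrypt on read. With a wrong key AES_DECRYPT returns NULL or garbage;
-- CBC alone gives confidentiality, not tamper detection.
SELECT id, patient_id,
       CAST(AES_DECRYPT(note_enc, @key, iv) AS CHAR) AS note
FROM patient_note
WHERE patient_id = 42;
```

The key and plaintext are sent to the server inside the SQL statements, so this should be combined with the SSL connection option above, and any server logs that record statements will contain them.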