Based on the research, here's what you should know about log encryption in your Prefect Teams setup:
1. Transport Security:
- All logs transmitted from your ECS workers to Prefect Cloud are encrypted in transit using TLS 1.2 (minimum)
- This applies to all API endpoints and data transmission between your infrastructure and Prefect Cloud
2. Storage Security:
- Logs stored in Prefect Cloud are encrypted at rest
- The infrastructure primarily runs on enterprise-grade cloud providers (GCP and AWS)
- Storage systems follow industry best practices for encryption
3. Access Security:
- Access to logs in the UI is protected by your authentication mechanisms
- If you're using SSO and MFA (available in Teams tier), this adds additional security layers
The primary source for Prefect's security practices can be found at:
https://www.prefect.io/security
It's worth noting that while Prefect ensures secure transmission and storage of logs, you should still be mindful of what information gets logged in your flows. As a best practice:
- Avoid logging sensitive information (passwords, API keys, etc.)
- Use Prefect's built-in secrets management for sensitive values
- Consider implementing log redaction if you need to handle sensitive data in your logs
Let me know if you have any specific questions about log security or if you'd like to know more about implementing additional security measures in your ECS deployments!
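
A sketch of the log redaction suggested above, as an added example that is not part of the original answer and is not Prefect's own code: a standard-library `logging.Filter` that masks secret-looking values before a handler emits them. The patterns, the `RedactingFilter` name and the sample messages are assumptions; wiring the filter into the handler that ships logs to Prefect Cloud is not shown.

```python
import logging
import re

# Constructed patterns for illustration; extend them for the secrets you handle.
_PATTERNS = [
    # HTTP bearer credentials (run first so the whole token is replaced)
    (re.compile(r"(?i)\bBearer\s+[A-Za-z0-9._~+/-]+=*"), "Bearer [REDACTED]"),
    # key=value, key: value and JSON-style "key": "value" pairs
    (re.compile(r"""(?i)([\w-]*(?:password|passwd|api[_-]?key|secret|token)\w*)"""
                r"""(["']?\s*[=:]\s*["']?)([^\s"',}]+)"""),
     r"\1\2[REDACTED]"),
    # AWS access key IDs: AKIA followed by 16 uppercase alphanumerics
    (re.compile(r"\bAKIA[0-9A-Z]{16}\b"), "[REDACTED_AWS_KEY_ID]"),
]

def redact(text: str) -> str:
    """Apply every pattern in order and return the masked text."""
    for pattern, replacement in _PATTERNS:
        text = pattern.sub(replacement, text)
    return text

class RedactingFilter(logging.Filter):
    def filter(self, record: logging.LogRecord) -> bool:
        # Render msg % args first so secrets passed as arguments are caught too.
        record.msg = redact(record.getMessage())
        record.args = ()
        return True

def demo() -> list:
    """Log constructed sample messages and return what the handler would emit."""
    captured = []
    class ListHandler(logging.Handler):
        def emit(self, record):
            captured.append(record.getMessage())
    handler = ListHandler()
    # Attach to the handler, not the logger: logger-level filters are skipped
    # for records that propagate up from child loggers.
    handler.addFilter(RedactingFilter())
    log = logging.getLogger("redaction_demo")
    log.setLevel(logging.INFO)
    log.propagate = False
    log.addHandler(handler)
    log.info("connecting with password=%s", "hunter2")
    log.info('payload {"api_key": "abc123"} sent')
    log.info("flow run finished in 3.2s")
    log.removeHandler(handler)
    return captured

if __name__ == "__main__":
    print("\n".join(demo()))
```

Pattern-based redaction only catches what the patterns anticipate, so it complements keeping secrets out of log calls rather than replacing that practice.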