Data Encryption in Temporal provides a higher level of data security compared to typical approaches by enabling users to encrypt their data using user-specific algorithms invoked in the Temporal SDK Data Converter without sharing encryption keys with Temporal. This means Temporal never has access to the algorithms or keys used to encrypt/decrypt user data, regardless of whether Temporal infrastructure is compromised by an attacker. To support this need, Temporal provides a pluggable Codec Server capability that affords users the opportunity to call their specific encryption/decryption algorithm in their local web browser or CLI without providing access to their encryption keys to Temporal. This allows users to view unencrypted data in the Temporal UI or CLI without creating a potential security risk since decryption occurs locally, on a user’s machine, not on Temporal’s servers. Administrators can now configure a Codec Server per Namespace, enabling different Codec Servers for different namespaces and providing a better experience for all Temporal users. Temporal continues to invest in Security and Compliance capabilities, including the recent announcement of Audit Logging, and is working on new authentication and authorization capabilities for Temporal Cloud.