Just as inserts pose security issues, so do updates. NextDB has a policy for securing updates (and deletes). In order to execute an update, you need to have first retrieved an temporary encrypted key for the row you want to update. In other words you must first query for the row, and then you supply the encrypted row id back with the update. The second aspect of this security policy is that the query that is used to initially get the row id must have "FOR UPDATE" enabled. In other words, some queries are read only, while others can allow either "FOR UPDATE" and/or "FOR DELETE". Batch updates are not allowed, and row level security is enabled at the query level with the "FOR UPDATE" flag.