ChurchCRM / CRM

ChurchCRM is an OpenSource Church CRM & Management Software.
https://ChurchCRM.io
MIT License
607 stars, 429 forks

Encrypt data at rest #781

Open crossan007 opened 8 years ago

crossan007 commented 8 years ago

Data at rest in MySQL db is not encrypted. Many people are running CRM on shared hosting, and would benefit from encrypted SQL columns.

http://stackoverflow.com/questions/1320682/how-to-encrypt-database-in-symfony

MrClever commented 4 years ago

In the post-GDPR world, this deserves a bump and review.

crossan007 commented 4 years ago

I'm curious; what data fields would be eligible for at-rest encryption? What's standard / suggested?

We've recently gained the capability for "secret storage" of TOTP/2FA tokens in the database, but I doubt this approach applies to "general" data storage.

MrClever commented 4 years ago

Anything that personally identifies someone needs to be secured in transit and at rest; that is the basic rule of thumb. So name, address, phone numbers, bank account details, etc. Given most of our tables use a person's per_ID (from the person_per table) and not their "actual" name, individual tables aren't necessarily the problem so much as someone getting hold of a full DB dump (my backups are encrypted, which is a supported feature, but the live data isn't).

The person_per and family_fam tables have the bulk of personally identifiable information, although the note_nte table could be used nefariously too due to the completely abstract information that can be stored there. Not sure about the finance, event or Sunday school features because we don't use those on our production system, so they're all empty.

To summarise:

Obvious encrypted table candidates

Less obvious

github-actions[bot] commented 1 month ago

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.
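
Added example, not part of the thread or of ChurchCRM's code: one way to encrypt a single PII column at the application layer so that a full DB dump yields only ciphertext, as discussed above for person_per. It assumes PHP with the sodium extension, a key stored outside MySQL, and a hypothetical column name `per_Email`; the row id stands in for per_ID.

```php
<?php
declare(strict_types=1);

// Assumption: in production this 32-byte key lives outside the database
// (environment variable or a file outside the web root), so a DB dump alone
// is not enough to decrypt. Generated here only so the example runs stand-alone.
$key = sodium_crypto_aead_xchacha20poly1305_ietf_keygen();

/** Encrypt one column value, binding it to its table, column and row id. */
function encryptField(string $plain, string $key, string $table, string $column, int $rowId): string
{
    $nonce = random_bytes(SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES);
    // Associated data is authenticated but not stored: decryption must supply the same location.
    $aad = sprintf('%s.%s#%d', $table, $column, $rowId);
    $ct  = sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($plain, $aad, $nonce, $key);
    return base64_encode($nonce . $ct); // value written to the column
}

/** Decrypt a stored value; throws if it was altered or moved to another row or column. */
function decryptField(string $stored, string $key, string $table, string $column, int $rowId): string
{
    $n   = SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES;
    $raw = base64_decode($stored, true);
    if ($raw === false || strlen($raw) < $n + SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES) {
        throw new RuntimeException('malformed ciphertext');
    }
    $aad   = sprintf('%s.%s#%d', $table, $column, $rowId);
    $plain = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt(
        substr($raw, $n), $aad, substr($raw, 0, $n), $key
    );
    if ($plain === false) {
        throw new RuntimeException('authentication failed');
    }
    return $plain;
}

// Constructed sample row: id 42 with a made-up address.
$stored = encryptField('jane@example.org', $key, 'person_per', 'per_Email', 42);
echo decryptField($stored, $key, 'person_per', 'per_Email', 42), PHP_EOL;

// Ciphertext copied into a different row fails authentication instead of decrypting.
try {
    decryptField($stored, $key, 'person_per', 'per_Email', 43);
} catch (RuntimeException $e) {
    echo 'row 43: ', $e->getMessage(), PHP_EOL;
}
```

Columns encrypted this way can no longer be searched or sorted in SQL (`WHERE`, `LIKE`, `ORDER BY`), so any lookup on them has to be designed separately.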