Open bk3c opened 4 years ago
There do seem to be some existing modules for TypeORM like https://github.com/generalpiston/typeorm-encrypted, but it's not clear that the popularity and maintenance are quite there.
Keeping this ticket alive to potentially do a spike in the future.
Basic encryption of our backend database is automatically handled by Heroku at the AWS / EBS layer, which means that everything is encrypted at rest from machine/filesystem-based attacks. That said, there's likely to be demand for additional encryption within the DB itself, to provide extra protection for especially sensitive PII (e.g. SSNs, if we ever have to ask for them) from an attacker who gains SQL-level access to the database.
I'm aware of things like PGCrypto, but I'm not sure what that buys us over just doing something at the TypeORM level, so I'd default to making our implementation DB-independent. Once we do this, we'll also need to make sure we have all of the process stuff sorted around managing the encryption key, perhaps with AWS or GCP KMS? If we decide to get extra fancy, we could even do BYOK on Heroku Shield, or at that point we might want to have the DB elsewhere given the pricing...
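A sketch of the DB-independent, ORM-level approach discussed in this issue, added here as an example; it is not this project's code or typeorm-encrypted's. `encryptedColumn`, the `v1` format tag and the column-context string are hypothetical names, the interface mirrors the shape of TypeORM's `ValueTransformer`, and the 32-byte key is assumed to be a data key unwrapped from a KMS at startup.

```typescript
import { createCipheriv, createDecipheriv, randomBytes } from "crypto";

// Same shape as TypeORM's ValueTransformer, declared locally so this runs without TypeORM.
interface ColumnTransformer {
  to(value: string | null): string | null;   // entity -> DB (encrypt)
  from(value: string | null): string | null; // DB -> entity (decrypt)
}

const VERSION = "v1"; // hypothetical format tag, leaves room for key/algorithm rotation

// Hypothetical helper: AES-256-GCM transformer for one column.
// `context` is authenticated (AAD), so a ciphertext copied into another
// column by someone with SQL access fails to decrypt there.
function encryptedColumn(key: Buffer, context: string): ColumnTransformer {
  if (key.length !== 32) throw new Error("AES-256-GCM needs a 32-byte key");
  const aad = Buffer.from(context, "utf8");
  return {
    to(value) {
      if (value == null) return null;
      const iv = randomBytes(12); // fresh 96-bit nonce for every value
      const cipher = createCipheriv("aes-256-gcm", key, iv);
      cipher.setAAD(aad);
      const ct = Buffer.concat([cipher.update(value, "utf8"), cipher.final()]);
      const tag = cipher.getAuthTag();
      // Stored form: version.iv.tag.ciphertext (base64 never contains ".")
      return [VERSION, ...[iv, tag, ct].map((b) => b.toString("base64"))].join(".");
    },
    from(stored) {
      if (stored == null) return null;
      const [version, iv, tag, ct] = stored.split(".");
      if (version !== VERSION || !iv || !tag || ct === undefined) {
        throw new Error("unrecognised ciphertext format");
      }
      const decipher = createDecipheriv("aes-256-gcm", key, Buffer.from(iv, "base64"), {
        authTagLength: 16, // reject truncated tags
      });
      decipher.setAAD(aad);
      decipher.setAuthTag(Buffer.from(tag, "base64"));
      // final() throws if the key, context, or any stored byte does not match
      const pt = Buffer.concat([decipher.update(Buffer.from(ct, "base64")), decipher.final()]);
      return pt.toString("utf8");
    },
  };
}
```

In TypeORM the returned object would be passed as the `transformer` option of `@Column` on a text column. Because every value gets a random nonce, equal plaintexts produce different ciphertexts, so such a column cannot be looked up by equality in SQL.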