Right now, the only things we encrypt are user passwords and S3 buckets (the latter only at rest).

It would've been nice to do this from the get-go, but we should go over the app and see what columns it makes sense for us to encrypt. That is, what columns are sensitive enough that if the database itself is leaked, we definitely wouldn't want that data to leak with it?

Of course, this only goes so far: we'll only be able to encrypt at rest, so if a breach accesses the live system, they'll be able to access things like the decryption key, or just inspect any of the live data.

Still, I think this is worth doing. Maybe not urgently, but it's going to involve some data migration, so the sooner the better.

Conveniently, we can use an existing library to pull this off: https://hexdocs.pm/cloak_ecto/readme.html

Note: once we're ready to tackle this, it might make sense to make a concrete plan and split it into smaller phases.
zkat added the "technical improvement" label (General technical improvements that might not be user-visible or affect the overall site experience.) on Feb 23, 2024
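The shape a phased column-encryption rollout with cloak_ecto could take, as an added example that is not part of the issue or the project's code. It assumes a hypothetical `:my_app` application, a `users` table with a plaintext `email` column, and a `CLOAK_KEY` environment variable holding a base64 32-byte key; all module and field names are placeholders. It shows the two points the issue raises: the key never lives in the database (so a leaked dump alone does not yield plaintext, while a live compromise still can), and the migration is split into phases so the plaintext column is dropped only after reads have moved over.

```elixir
# --- config/runtime.exs -------------------------------------------------
# The key comes from the environment or a secrets manager, never from the
# database. Constructed placeholder: CLOAK_KEY is assumed to be base64 of 32 bytes.
import Config

config :my_app, MyApp.Vault,
  ciphers: [
    default: {Cloak.Ciphers.AES.GCM,
              tag: "AES.GCM.V1",
              key: Base.decode64!(System.fetch_env!("CLOAK_KEY")),
              iv_length: 12}
  ]

# HMAC secret for equality lookups on encrypted columns (separate from the
# vault key so rotating one does not force rotating the other).
config :my_app, MyApp.Hashed.HMAC,
  algorithm: :sha512,
  secret: Base.decode64!(System.fetch_env!("CLOAK_HMAC_KEY"))

# --- lib/my_app/vault.ex ------------------------------------------------
defmodule MyApp.Vault do
  use Cloak.Vault, otp_app: :my_app
end

# Ecto type that transparently encrypts on write and decrypts on read.
defmodule MyApp.Encrypted.Binary do
  use Cloak.Ecto.Binary, vault: MyApp.Vault
end

# Keyed hash so we can still look users up by email without decrypting
# every row (AES-GCM ciphertext is randomised, so it cannot be queried directly).
defmodule MyApp.Hashed.HMAC do
  use Cloak.Ecto.HMAC, otp_app: :my_app
end

# --- Phase 1: add the new columns, keep the plaintext one for now ------
defmodule MyApp.Repo.Migrations.AddEncryptedEmailToUsers do
  use Ecto.Migration

  def change do
    alter table(:users) do
      add :email_encrypted, :binary
      add :email_hash, :binary
    end

    create unique_index(:users, [:email_hash])
  end
end

# --- Phase 2: backfill existing rows (run once; batch it on large tables) --
defmodule MyApp.Migrations.BackfillEncryptedEmail do
  import Ecto.Query

  def run do
    MyApp.Repo.transaction(fn ->
      from(u in "users", select: {u.id, u.email})
      |> MyApp.Repo.stream()
      |> Stream.each(fn {id, email} ->
        {:ok, hash} = MyApp.Hashed.HMAC.dump(email)

        from(u in "users", where: u.id == ^id)
        |> MyApp.Repo.update_all(
          set: [email_encrypted: MyApp.Vault.encrypt!(email), email_hash: hash]
        )
      end)
      |> Stream.run()
    end)
  end
end

# --- Phase 3: point the schema at the encrypted column --------------------
defmodule MyApp.Accounts.User do
  use Ecto.Schema
  import Ecto.Changeset

  schema "users" do
    # `source:` maps the field onto the new column; reads now decrypt.
    field :email, MyApp.Encrypted.Binary, source: :email_encrypted
    field :email_hash, MyApp.Hashed.HMAC
    field :password_hash, :string
    timestamps()
  end

  def changeset(user, attrs) do
    user
    |> cast(attrs, [:email])
    |> validate_required([:email])
    |> put_change(:email_hash, get_field(cast(user, attrs, [:email]), :email))
    |> unique_constraint(:email_hash)
  end
end

# --- Phase 4 (later migration): drop the plaintext column once nothing reads it.
#   alter table(:users) do
#     remove :email
#   end
```

Lookups then go through the hash (`Repo.get_by(User, email_hash: email)`; the HMAC type hashes the value before comparing), so the application never needs the plaintext column again. Note what this does and does not buy: a copy of the database or a backup is useless without `CLOAK_KEY`, but anything that can read the running app's environment or memory can decrypt, which matches the caveat in the issue.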