I’m writing a specification for a web app that will store sensitive user data, and the stakeholder asked that I consider a number of fairly standard security practices, but also including that the data be “encrypted at rest”, i.e. so that if someone gains physical access to the hard disk at some later date the user data can’t be retrieved.

The app is to be Node/Express on a VPS (probably against sqlite3), so since I would be doing that using an environmental variable stored in a file on that same computing instance, is that really providing any extra security?

I guess cloud big boys would be using key management systems to move the key off the local instance, and I could replicate that by using (Hashicorp Vault?) or building a service to keep the key elsewhere, but then I’d need secure access to that service, which once again would involve a key being stored locally.

What’s your thoughts, experience, or usual practice around this?

  • @barsquid
    link
    17 months ago

    So I suppose the main thing it protects from is physical access.

    Yes, that’s about it AFAICT. Like if a service disposes of their disks incorrectly it shouldn’t expose the data.