Encrypting data at rest

dhyasama · January 5, 2015, 10:13pm

For a variety of reasons I’d like to encrypt all data at rest in our private financial forum. What are the options and issues?

At the database level, common approaches are column-specific, whole database, and whole disk. Are any of these possible with Discourse? If so, what are the pros and cons?

For attachments, I’m uploading to S3 and plan to turn on server-side S3 encryption which should be transparent to Discourse. Has anyone tried this yet?

sam · January 5, 2015, 10:16pm

I would recommend

Disabling S3 and handling all data yourself
Enabling full disk encryption on your linux server

I would strongly recommend not trying to hack the app to support this edge case, its a solved problem.

codinghorror · January 5, 2015, 11:20pm

Option #3 there, to enable Postgres encryption, is also a good possibility. But doesn’t cover uploads, images, or attachments of course… only things stored in the database, which is most stuff in Discourse.

sam · January 5, 2015, 11:37pm

That is basically #2

Data Partition Encryption
On Linux, encryption can be layered on top of a file system mount using a “loopback device”. This allows an entire file system partition be encrypted on disk, and decrypted by the operating system. On FreeBSD, the equivalent facility is called GEOM Based Disk Encryption, or gbde.

This mechanism prevents unencrypted data from being read from the drives if the drives or the entire computer is stolen. This does not protect against attacks while the file system is mounted, because when mounted, the operating system provides an unencrypted view of the data. However, to mount the file system, you need some way for the encryption key to be passed to the operating system, and sometimes the key is stored somewhere on the host that mounts the disk.

The other option for encryption is not applicable

Encryption For Specific Columns requires application level changes

codinghorror · January 5, 2015, 11:46pm

Oh wow Postgres doesn’t offer table level encryption?

sam · January 6, 2015, 2:25am

yeah you would need to do it column by column, but the general approach is just to do this at filesystem level. simpler.

dhyasama · January 7, 2015, 4:21pm

Relevant article for AWS users:

http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html

sam · March 3, 2019, 9:13pm

Our current recommendation is:

If you are on AWS, rely on AWS features like DB encryption at rest and S3 server side encryption.
If you are self hosting on digital ocean, use OS level encryption, for example LUKS.

system · April 2, 2019, 9:13pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Disclosure of S3 secret access key Feature	23	5452	November 27, 2018
Proper way to secure/backup Discourse on self-hosted server? Hosting	9	2326	April 22, 2020
Redundant Discourse Hosting on AWS Hosting	14	2800	May 13, 2015
Setting up SSL with my domain name and Discourse instance Support	9	4225	June 8, 2024
Support for automatic backup encryption (GPG?) Feature backups	7	1711	February 7, 2019

Encrypting data at rest

Related Topics