Requests | Blesta

Requests

Backups encryption

Alk shared this idea 1 year ago
Under Consideration

Given the personal data that Blesta installations hold, in line with data protection laws, it would be appropriate for the backups feature to have encryption.

Whilst the servers where Blesta are installed are likely to have extra security safeguards in place, the offsite backup locations are less likely to have the same security setups. Additionally, data may be offloaded to a different organisation which can create additional complexity. If the data were packaged encrypted, only the Blesta installation owner would have access to the data, negating any data protection issues with where the data is being offloaded to as part of the backup.

Comments (1)

photo
2

Encrypting a large amount of data on the fly with PHP is not feasible as it's incredibly slow. However, it might be possible to use openssl on the linux system to perform the encryption, prior to securely transferring it to a remote location. I found this article that describes that https://blog.cavebeat.org/2016/02/encrypted-backups-with-secure-mysqldump/