by lathiat 1004 days ago
I have this same discussion about people using Vault and having secret unseal keys.

If you're all in on the idea and have a robust process around key custody, it's great; but if you just deploy it without thinking, especially to an environment that may not be fully rebooted for 1-2 years at a time, it's far more likely someone will lose the keys and then, only months or years later when the entire thing is restarted, realise they lost all their data. And I'd put this as more likely than encryption at rest ever saving most people from data privacy.

You have to include availability and user experience in your "threat model".
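An added example to illustrate the custody point, not part of lathiat's comment and not Vault's own code or share format: a toy Shamir split (the threshold scheme Vault uses for unseal keys by default) of a key-encryption key into 5 shares with threshold 3, plus a recovery drill that shows why an operator should periodically prove the held shares still reconstruct the key. The prime field and share encoding are assumptions chosen for this example.

```python
import secrets
from typing import Callable, List, Tuple

# Assumed for this example: a Mersenne prime field large enough for a 128-bit key.
PRIME = 2**127 - 1

Share = Tuple[int, int]  # (x, f(x)) point on the secret polynomial


def _eval_poly(coeffs: List[int], x: int) -> int:
    """Horner evaluation of the polynomial with constant term coeffs[0]."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret: int, shares: int, threshold: int,
                 rng: Callable[[int], int] = secrets.randbelow) -> List[Share]:
    """Split `secret` into `shares` points; any `threshold` of them recover it."""
    if not 1 <= threshold <= shares:
        raise ValueError("threshold must be between 1 and the share count")
    coeffs = [secret % PRIME] + [rng(PRIME) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, shares + 1)]


def combine_shares(shares: List[Share]) -> int:
    """Lagrange interpolation at x=0; wrong result if fewer than threshold shares."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, PRIME - 2, PRIME)) % PRIME
    return secret


def recovery_drill(held: List[Share], expected_digest: int) -> bool:
    """Availability check: do the shares the org actually still holds recover
    the key? `expected_digest` is a known fingerprint of the key, so the drill
    can be run without storing the key itself. Returns False when custody
    has decayed below threshold (the failure mode the comment describes)."""
    return pow(combine_shares(held), 3, PRIME) == expected_digest


# Constructed demo: 5 custodians, any 3 can unseal.
KEY = 0x0123456789ABCDEF0123456789ABCDEF
SHARES = split_secret(KEY, shares=5, threshold=3)
DIGEST = pow(KEY, 3, PRIME)  # toy fingerprint (assumption; use a real hash in practice)
```

Running `recovery_drill(SHARES[:3], DIGEST)` succeeds, while `recovery_drill(SHARES[:2], DIGEST)` fails: two custodians who left the company is exactly a lost dataset.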