
While one major use of something like this would be backups, how does one handle these backup sets with respect to GDPR requests? The window to respond is 30 days, so keeping backups longer than, say, 25 days seems cumbersome. You would need hot access to the sets to load them up and delete the data.


Encrypt backup data with a per-user key, keep the keys only in hot storage, delete the key when a user is deleted.


Won't that make the backups useless in case of a data loss (i.e. always)?


You don't keep a single copy of each key, but store enough redundant copies to get the proper number of nines. Preferably that's redundant geographically, in terms of storage technology, and in write frequency.

The important part is just that the keys don't end up in long term cold storage. Either it's only retained for a short period (e.g. tape backups that get rotated after two weeks), or it supports live deletion.


Encrypt the backups and store the encryption key in a normal non-archival bucket.
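
The per-user key scheme discussed in the comments above, as an added example that is not part of the thread: each record in the cold backup set is sealed under its owner's key, and an erasure request removes only that key from hot storage. AES-256-GCM, the `KeyStore` type, the `random`, `gcm`, `Seal` and `Open` names, and the sample user and record are assumptions made for the illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

type KeyStore map[string][]byte // stand-in for hot, deletable key storage (hypothetical)

func random(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // never continue with a predictable key or nonce
	}
	return b
}

func (ks KeyStore) gcm(user string) (cipher.AEAD, error) {
	block, err := aes.NewCipher(ks[user]) // an erased (nil) key is rejected here
	if err != nil {
		return nil, fmt.Errorf("no usable key for %q: %w", user, err)
	}
	return cipher.NewGCM(block)
}

func (ks KeyStore) Seal(user string, record []byte) ([]byte, error) {
	a, err := ks.gcm(user)
	if err != nil {
		return nil, err
	}
	nonce := random(a.NonceSize()) // blob layout: nonce || ciphertext || tag
	return a.Seal(nonce, nonce, record, []byte(user)), nil // user ID bound as AAD
}

func (ks KeyStore) Open(user string, blob []byte) ([]byte, error) {
	a, err := ks.gcm(user)
	if err != nil || len(blob) < a.NonceSize() { // key erased or blob truncated
		return nil, fmt.Errorf("cannot restore record for %q", user)
	}
	return a.Open(nil, blob[:a.NonceSize()], blob[a.NonceSize():], []byte(user))
}

func main() {
	ks := KeyStore{"alice": random(32)} // constructed sample user and key
	blob, _ := ks.Seal("alice", []byte("constructed sample record"))
	delete(ks, "alice") // erasure request: only the hot key is removed
	fmt.Println(ks.Open("alice", blob))
}
```

The blob stays in the archive untouched; once every redundant copy of the key is gone, restoring that user's record fails while other users' records still open.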



