[VERY_UNLIKELY] Data Masking for Database

Hi Sebastian,

Can a masking feature be added while saving the data to the database? While saving and accessing data via Squidex, it is natural to progress in normal view, but is it possible to store the data in the database as encrypted? Thus, areas that require data privacy are protected from all kinds of hacking, etc.

While creating the schema, the option ‘save by masking’ this field as a feature to the relevant field supports this. Although this option works in the cloud, it is a very useful option on premise.

The subject is of course open to improvement.

Hi, do you mean hashing or encryption? And who would store the key?

This can be a key stored in appsettings. Open to developing ideas. Maybe you can enrich more. The purpose here is to keep some data in the database without a more secure open state.

If we find a way to make it useful for the cloud as well I am willing to work on this, otherwise I would wait for a PR.

I am looking to use Squidex as CRM/HRM, to store personal information.

According to the GDPR, personal data must be deleted or “forgotten” on the user's request. With the event sourcing pattern you cannot delete the events. Moreover, with a document storage db the information is spread everywhere and a GDPR request could become a big issue.

The idea is to encrypt the sensitive information and be able to delete only the encryption key on a GDPR request. In this way the events and the data stay there but the content is forgotten because there is no way to retrieve it.

To answer your question: who would store the key? Squidex itself, but only once to be able to remove easily when needed (e.g. when the record is canceled). Then there could be another level of security encrypting these keys with a personal key owned by the user, but it’s another step.

The same idea should be applied to the assets. In a CRM/HRM scenario the documents attached to a record (representing a person) are strictly related to the record itself, so I’m not interested in seeing them in the “media library” and I would like them to be stored encrypted, with a key related to the record. Meanwhile the pictures of a blog post should be treated as usual.

I think this feature can be interesting for the cloud version, it could make the product more flexible to be used in other scenarios than the classical CMS.
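The key-deletion approach described in the post above (commonly called crypto-shredding), as an added C# example; it is not Squidex code and not from any participant in this thread. `SubjectKeyStore`, `EncryptedField` and `FieldCrypto` are hypothetical names, the in-memory dictionary stands in for a real key store kept separate from the event store, and .NET 8 is assumed for the `AesGcm` constructor that takes a tag size.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

// Constructed demo: two events for one data subject, then an erasure request.
var keyStore = new SubjectKeyStore();
var eventLog = new List<EncryptedField>();   // stands in for the append-only event store
eventLog.Add(FieldCrypto.Seal(keyStore, "person-42", "email", "ada@example.com"));
eventLog.Add(FieldCrypto.Seal(keyStore, "person-42", "email", "ada@new.example.com"));
Console.WriteLine(FieldCrypto.Open(keyStore, eventLog[1]) ?? "<forgotten>");
keyStore.Forget("person-42");                // erasure: only the key is deleted, events stay
Console.WriteLine(FieldCrypto.Open(keyStore, eventLog[0]) ?? "<forgotten>");

record EncryptedField(string SubjectId, string Field, byte[] Nonce, byte[] Ciphertext, byte[] Tag);

// Hypothetical key store: one random 256-bit key per data subject, never written into events.
sealed class SubjectKeyStore
{
    private readonly Dictionary<string, byte[]> bySubject = new();
    public byte[] GetOrCreate(string id) =>
        bySubject.TryGetValue(id, out var k) ? k : (bySubject[id] = RandomNumberGenerator.GetBytes(32));
    public byte[]? Find(string id) => bySubject.TryGetValue(id, out var k) ? k : null;
    public void Forget(string id) { if (bySubject.Remove(id, out var k)) CryptographicOperations.ZeroMemory(k); }
}

static class FieldCrypto
{
    public static EncryptedField Seal(SubjectKeyStore store, string subjectId, string field, string value)
    {
        var nonce = RandomNumberGenerator.GetBytes(12);   // fresh nonce for every encryption
        var plain = Encoding.UTF8.GetBytes(value);
        var cipher = new byte[plain.Length];
        var tag = new byte[16];
        using var aes = new AesGcm(store.GetOrCreate(subjectId), 16);
        // Subject and field go in as associated data, so ciphertext cannot be moved between records.
        aes.Encrypt(nonce, plain, cipher, tag, Encoding.UTF8.GetBytes($"{subjectId}/{field}"));
        return new EncryptedField(subjectId, field, nonce, cipher, tag);
    }

    public static string? Open(SubjectKeyStore store, EncryptedField f)
    {
        if (store.Find(f.SubjectId) is not { } key) return null;   // key shredded: unrecoverable
        var plain = new byte[f.Ciphertext.Length];
        using var aes = new AesGcm(key, 16);
        aes.Decrypt(f.Nonce, f.Ciphertext, f.Tag, plain, Encoding.UTF8.GetBytes($"{f.SubjectId}/{f.Field}"));
        return Encoding.UTF8.GetString(plain);
    }
}
```

Erasure is only as complete as the key deletion: backups and replicas of the key store have to lose the key as well, and any unencrypted copy of the field (search index, cache, logs) is not covered by it.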

How would this help for a GDPR scenario? You would need one key per user, right?

This feature is interesting, but I still have no good idea how to implement it properly.