null

as a stopgap, you can encrypt that information before inserting it into the database using public key crypto. paragonie/halite does all the hard stuff for you: encrypt with the public key, save the ciphertext in the database, and decrypt with the private key somewhere else. It's a big admin hassle, but then, so is dealing with personally identifying info. If you don't need it, don't collect it 😄

null

Yeah, there's a couple of approaches. The database itself would be accessible over SSL and encrypted on disk. That should be an option to find if you want to do it properly, but SSL support for MySQL has been broken in SilverStripe for a while: https://github.com/silverstripe/silverstripe-framework/issues/8871

Show 1 attachment(s)
😱 (2)
theruss

@null Will have some suggestions around this too, using Halite

theruss

FYI: https://github.com/defuse/php-encryption

Show 1 attachment(s)
GitHub  
defuse/php-encryption

Simple Encryption in PHP. Contribute to defuse/php-encryption development by creating an account on GitHub.

Hide attachment content
theruss

And depending on your host, you could also enable an encrypted F/S for the env within which the DB runs.

theruss

You can always encrypt the data on a field by field basis? I've just done this myself.

Brendan Leigh

@theruss cheers thats great, this is probably beyond my developer skills but something i can pass on to the developers.

The reason for my initial question, is the data collected needs to be stored in a secure environment, just incase the potential site were to be breached.

theruss

OOTB, that will be restricted to only RBMS' supported by SilverStripe, but I see no reason, why using the underlying principles, you couldn't attempt to send the data to Mongo or something else.