Jump to content

General Data Protection Regulation (GDPR)


Peejay

Recommended Posts

1 minute ago, ceberlin said:

When looking at PW what concerns me most, are unencrypted database backups via the module ProcessDatabaseBackups.

Yes. No. Maybe.

The bigger problem may be the user that creates that backup and has access to it.
Having someone at that point handling those backups has to be trustworthy.

A ProcessDatabaseBackupsEncrypted module could be a nice addition nonetheless.

Link to comment
Share on other sites

I'd rather have db backups stored outside the webroot then having them encrypted. By default they're protected by the .htaccess file, but screwing up that file is easy and common. But if that's working (or files are outside the webroot) only people with access to the webserver can see/use the backup files and are highly likely to also have access to the config.php and therefore the db credentials as well. In that case encryption won't give you anything anymore.

  • Like 4
  • Thanks 1
Link to comment
Share on other sites

Backups can live their own live. I tend to download them from time to time (some customers do also). Since they can contain sensitive data, it is just another level of protection to have them encrypted. (I know, WordPress modules can be much worse in offering to *mailing* sql backups. Anything can happen there.)

Link to comment
Share on other sites

https://www.cnil.fr/en/open-source-pia-software-helps-carry-out-data-protection-impact-assesment

"L’outil dispose désormais de 14 langues (français, anglais, italien, allemand, polonais, hongrois, finnois, norvégien, espagnol, tchèque, néerlandais, portugais, roumain et grec) dont six d’entre elles ont été révisées par les Autorités de Protection bavaroise, italienne, finlandaise, hongroise, polonaise et norvégienne."

Edit: 
https://github.com/LINCnil
Some repositories are cookie-related.

https://github.com/AmauriC/tarteaucitron.js
"Comply to the European cookie law"...

Edited by Christophe
Link to comment
Share on other sites

×
×
  • Create New...