Just a thought but it might be more secure if the Pi only ever sees encrypted data. It stores it from an external encrypted source and delivers it as encrypted to any one that can access it.
Too many sensitive data sources have been compromised because bad actors can access the central data source and have cart blanc access to everything. Surely by controlling who has decryption tools you can better control end user access. Even then you need to limit how much data is released to any single actor at any one time.
You will also need to include a secure audit system and key distribution to included little limited key life.
At the end of the day its your people that will leak, either though apathy, error or bad actors.
Too many sensitive data sources have been compromised because bad actors can access the central data source and have cart blanc access to everything. Surely by controlling who has decryption tools you can better control end user access. Even then you need to limit how much data is released to any single actor at any one time.
You will also need to include a secure audit system and key distribution to included little limited key life.
At the end of the day its your people that will leak, either though apathy, error or bad actors.
Statistics: Posted by RaspISteve — Fri Jul 26, 2024 1:22 pm