I'm dealing with sensitive financial data and contract information for clients, and I'm trying to figure out if I need to obfuscate this data in my database. Traditionally, it seems that this type of data isn't obfuscated, but I'm concerned about how clients would feel about us having access to it in plaintext. What's the best approach here?
2 Answers
It really depends on your privacy policy! If clients aren't okay with storing sensitive information in plaintext, you might want to set up end-to-end encryption so that only the clients have the keys to decrypt the data. Just keep in mind that every situation is unique, and you'll need to assess the requirements for your project.
Are you on the development or admin side? It's typically best practice for developers to avoid accessing production data directly. Obfuscation isn’t foolproof either; if you can decode a scrambled message, it's not really secure. Plus, having root access could expose decrypted data, so definitely check up on local data protection laws to stay compliant.

Can’t you store the decryption keys only on the client’s side?