Hi there,
I started using UDP because it allowed me to encrypt the site’s databases before sending them off to the cloud, love that. While preparing for GDPR compliance, I realized that the only missing link to make that data completely anonymous (and thereby falling out of scope of GDPR) would be the ability to encrypt files like wp-config.php. Right now, even if the database is encrypted, anyone gaining access to the backup could access the database easily by reading its details from that file. That’s a vector I’d like to see closed because it would mean even physically lost drives are a non-issue.
I could imagine some people would also like being able to encrypt custom scripts before uploading them, it would be a good way to protect one’s intellectual property.
Best Regards,
Sven
Sven
Hi Sven,
We will evaluate this. It won’t be a quick thing – whilst UD can already encrypt, there are a lot of places that touch zip files and aren’t currently ready for encryption.
One solution that works today is to use Amazon S3 for your storage, and use your own encryption keys: https://aws.amazon.com/blogs/aws/new-bring-your-own-keys-with-aws-key-management-service/
David
Also – another option you can use now is the exclusion options to exclude sensitive files like wp-config.php from the backup, and make a separate manual backup of that if/when you change it. That way, there’ll be no sensitive data in your backup.
I appreciate your consideration to add the feature and yes, exclusions and manual backups are what I’m doing right now but it’s tedious and I’d love to save myself (and others) the work. If you manage a bunch of sites, you’ll lose a lot of time over it and I also worry about client data, which is another important aspect of the request. It could make any of the backup solutions GDPR-compliant simply by enabling the user to anonymize the data that should to be.
Looking forward to future updates :)