Re: [ceph-users] GDPR encryption at rest

On 02/05/18 16:12, David Turner wrote: > I've heard conflicting opinions if GDPR requires data to be encrypted > at rest Encryption both in transit and at rest is part of data protection by design: it is about making sure that you have control over the data that you hold/are processing and that if

Re: [ceph-users] GDPR encryption at rest

On Thu, May 3, 2018 at 1:22 PM, David Turner wrote: > The process to create an encrypted bluestore OSD is very simple to make them > utilize dmcrypt (literally just add --dmcrypt to the exact same command you > would run normally to create the OSD). The gotcha is that I

Re: [ceph-users] GDPR encryption at rest

The process to create an encrypted bluestore OSD is very simple to make them utilize dmcrypt (literally just add --dmcrypt to the exact same command you would run normally to create the OSD). The gotcha is that I had to find the option by using --help with ceph-volume from the cli. I was unable

Re: [ceph-users] GDPR encryption at rest

At 'rest' is talking about data on it's own, not being accessed through an application. Encryption at rest is most commonly done by encrypting the block device with something like dmcrypt. It's anything that makes having the physical disk useless without being able to decrypt it. You can also

Re: [ceph-users] GDPR encryption at rest

On Wed, May 2, 2018 at 11:12 AM, David Turner wrote: > I've heard conflicting opinions if GDPR requires data to be encrypted at > rest, but enough of our customers believe that it is that we're looking at > addressing it in our clusters. I had a couple questions about the

[ceph-users] GDPR encryption at rest

I've heard conflicting opinions if GDPR requires data to be encrypted at rest, but enough of our customers believe that it is that we're looking at addressing it in our clusters. I had a couple questions about the state of encryption in ceph. 1) My experience with encryption in Ceph is dmcrypt,