Additional layer of security for sensitive data


#1

I have the Transactions collection that holds all the data re user transactions with their in-app account.
Say an evil hacker somehow gets access to my server\db and messes up my db. I will restore it from a previous day's backup. But all the transactions for today will be lost - which is critical for my users.
So I would like to impose an additional level of access security on transactions data. What could be possible solutions?
Like, storing it in a separate db, access only through a certificate or a vpn tunnel… your thoughts, guys?


#3

It sounds like you would be better off just backing up that data more frequently?

Publication/Subscription rules (limiting access) don’t do anything by way of increasing the security of that data. You need to make sure you’ve got the right access control to the methods which make changes to the data.

Moving the data to another DB accessible only via a VPN tunnel doesn’t sound like it would make things any more secure. If you have a dodgy method which allows writing to the DB - then those who want to exploit that route will…

If you’re worried about other types of hacking (getting into your server) then user access via Meteor isn’t going to add any more security (as far as I am aware).


#4

Actually I’m considering a scenario not with my app logic being insecure, but with some Meteor-specific or hosting-specific exploit.
And how can I keep some data ‘more secure’ than the other?
More frequent backup is a workaround which might work, yes.