Active Record Encryption in Rails 7

If you're hosting your web server in a particular region, it might be necessary to comply with the GDPR norms of that region. Anonymizing and encrypting data becomes necessary in such situations. In this blog, we will discuss the attribute encryption that Rails 7 provides right out of the box. We will also look at the deterministic and non-deterministic approaches. (If you're using a Rails version lower than 7, check out our previous blog here on how to write a custom encryption framework.)

ActiveRecord attribute encryption in Ruby on Rails for better security compliance

Data encryption has never been as important to modern-day applications as it is today. Storing personal data in plain-text format leaves the application open to data theft. Not only is users' personal data at risk, but the application itself becomes subject to scrutiny when it falls under General Data Protection Regulation (GDPR) norms. In this blog post, we will explore a quick way to encrypt and decrypt model attributes using Rails' handy ActiveSupport::MessageEncryptor class to support compliance with regulations such as GDPR. Let's start with some basics on PII and GDPR mandates. Personally Identifiable Information (PII) examples as per GDPR PII

Enabling encryption on S3

Files uploaded on S3 are not encrypted. To make them secure, we either need to encrypt the file on the client side and then upload it, or configure S3 settings to encrypt the files after upload, i.e. Server-Side Encryption. Amazon S3 Server-Side Encryption (SSE) employs AES-256, an encryption standard that provides a considerably high level of protection. To enable SSE for S3, just include the following header when uploading the file: 'x-amz-server-side-encryption' => 'AES256' To check, log in to S3 and check the properties of the uploaded file. The "Server Side Encryption" option under the Details tab should show AES-256 radio