
Heroku database and amazon s3 encryption key storage for HIPAA compliance

I was hoping to get a recommendation on the best way to store a database encryption key for HIPAA compliance as well as Amazon S3 file storage security. I have been searching stackoverflow and googling in general, but I just can't quite get a solid grasp whether what I'm specifically doing is sufficient. I don't want something I'm doing differently from prescribed methods to make my app insecure.

Currently, I have a Rails app that uses the gem attr_encrypted to encrypt sensitive patient identifying data in the database like name, ssn, address etc. I also store things like images of signatures and patient pictures in Amazon S3 using server-side encryption. I know I shouldn't hardcode the database encryption key in the application or in any file that might get version controlled, but can I keep it in heroku's env config variables? How are those secured? How separate are they from the database (as in, if someone gets into heroku and steals a copy of the database, are the ENV variables vulnerable somehow as well?)? I currently keep my AWS keys in heroku env variables, is that safe? Also, what is the best pass phrase to use for the encryption? I am currently using 2 sentences from a random page in a book I have.

Please let me know if I'm being terribly naive with any of the procedures I've outlined, and I apologize in advance if I am asking naive questions. I'd like to be HIPAA compliant, but in addition I'd like peace of mind that I've gone beyond what HIPAA requires since from what I understand, HIPAA compliance does not always = actually secure.

Thanks everyone!

(This is more of a comment, but it was too long to be added as a comment):

@Eli: HIPAA doesn't actually mandate any specific technology. Which is good because it's a law and not as mutable as shifting technology.

@OP: Here is a whitepaper on building HIPAA-compliant apps on AWS. It should give you some good ideas. But Eli is correct in that you'll need to contact Heroku for their compliance information. Or you might just be better off migrating off of Heroku at this point. In my experience, it's a good prototyping platform, but it's easy (and expensive) to start bumping into its limitations when dealing with production environments.

@FrederickCheung: Reading directly from /dev/random will block if there isn't enough entropy. It's generally recommended to use /dev/urandom or an actual crypto library if pseudo-random isn't good enough.
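As an added example (not code from the question or the answer): generating the key with Ruby's SecureRandom, which draws on the OS CSPRNG rather than a blocking read of /dev/random, loading it from a Heroku-style config variable with fail-closed validation, and an AES-256-GCM round trip so the loaded key can be checked. The variable name DB_ENCRYPTION_KEY is an assumption.

```ruby
require 'securerandom'
require 'openssl'
require 'base64'

# Hypothetical config variable name; set it with `heroku config:set`.
KEY_ENV_VAR = 'DB_ENCRYPTION_KEY'
KEY_BYTES = 32 # 256-bit key for AES-256

# Generate a fresh random key, base64-encoded so it can live in an env var.
# SecureRandom uses the OS CSPRNG / OpenSSL, so it does not block the way a
# direct read of /dev/random can on a low-entropy host.
def generate_key_for_env
  Base64.strict_encode64(SecureRandom.random_bytes(KEY_BYTES))
end

# Load and validate the key from the environment. Fail closed: a missing or
# malformed key should stop the app from booting rather than silently
# encrypting with an empty or truncated key.
def load_key(env = ENV)
  encoded = env[KEY_ENV_VAR]
  raise "#{KEY_ENV_VAR} is not set" if encoded.nil? || encoded.empty?
  key = Base64.strict_decode64(encoded)
  raise "#{KEY_ENV_VAR} must decode to #{KEY_BYTES} bytes" unless key.bytesize == KEY_BYTES
  key
end

# Encrypt one field with AES-256-GCM (authenticated), using a fresh random IV
# per value. Output layout: iv (12 bytes) || tag (16 bytes) || ciphertext.
def encrypt_field(key, plaintext)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  cipher.key = key
  iv = cipher.random_iv
  ciphertext = cipher.update(plaintext) + cipher.final
  Base64.strict_encode64(iv + cipher.auth_tag + ciphertext)
end

# Decrypt and verify; raises OpenSSL::Cipher::CipherError if the stored value
# was tampered with or the wrong key is used.
def decrypt_field(key, blob)
  raw = Base64.strict_decode64(blob)
  iv, tag, ciphertext = raw[0, 12], raw[12, 16], raw[28..-1]
  cipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  cipher.key = key
  cipher.iv = iv
  cipher.auth_tag = tag
  cipher.update(ciphertext) + cipher.final
end
```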
