Secure Database suggestions
-
Goal: Human resources database, kept securely
The database would be used to keep details about personnel, their roles, contact details, the usual stuff. It would need to comply with GDPR.
What would you suggest?
It would be terrible if it were hacked. Is there something that could be done to mitigate a breach?Also, maybe there is a new way of accomplishing things like this without using what people normally call a database.
Perhaps people here have had experience using NextCloud to accomplish something like this. It has a lot of people contributing code so a lot of eyes on security. Would it work well for such a task, do you think?
How well might it manage roles for the various admins? For example, something like this:
Super-Admin: Runs the VPS/Cloudron
Admin: Responsibility for admin of the Nexcloud, assigns roles to junior admins
National Admin: responsible for coordinating regional admins
Regional Admins: manage the users and their details for their region
Users: give their info to database/interact with regional admins -
@LoudLemur I use cryptomator to encrypt sensitive files that I have on my nextcloud. Your use case is a bit trickier as you have multiple people working on the same file simultaneously. Take a look at the existing apps in the App Store like collabora, onlyoffice, and cryptpad. Cryptpad might be your best option though as it’s end to end encrypted.
Edit: There’s also baserow and noco. I’m not sure if the databases are encrypted.
