any recommendation on how to store PII?
hi there, im planning to store some PII in the db. while i think convex's architecture is secure, im afraid of getting myself compromised and having attackers peek into my table. hence, im considering storing some sort of encryption key on a 3rd party provider (maybe aws or railway). does that make sense or im overengineering stuff?
3 Replies
Thanks for posting in <#1088161997662724167>.
Reminder: If you have a Convex Pro account, use the Convex Dashboard to file support tickets.
- Provide context: What are you trying to achieve, what is the end-user interaction, what are you seeing? (full error message, command output, etc.)
- Use search.convex.dev to search Docs, Stack, and Discord all at once.
- Additionally, you can post your questions in the Convex Community's <#1228095053885476985> channel to receive a response from AI.
- Avoid tagging staff unless specifically instructed.
Thank you!
in short, the only way hackers could peek into your table is by exploiting some sort of conditional logic issue in your query functions, or by getting access to your github credentials to log into the dashboard. convex tables themselves are stored securely in RDS, and nothing can really get to them except your query functions
thanks, jamie. getting access to github credentials is my only concerns