2

As per GDPR all private data should be encrypted, so I need to encrypt all logs and retrieve them for auditing. I have chosen to perform the encryption during log rotation and to use GnuPG as my encryption method, but don't know how to invoke the gpg command during logrotate.

Esa Jokinen
  • 43,252
  • 2
  • 75
  • 122
Debashish Kumar
  • 41
  • 7
  • 4
    Welcome! [Server Fault is a site for information technology professionals](http://serverfault.com/help/on-topic) and not a recipe site. -- as such we have certain professional expectations when people ask a question here and one of those expectations is that your question shows you've done some **research**, found and **read the vendor documentation** or **tried a solution** before asking the internet for help. Of course you're not expected to be able to solve everything yourself, but at least try & [write a great question](http://meta.serverfault.com/a/3609/37681) that we can help you answer. – HBruijn May 16 '18 at 06:28
  • 3
    This question is far too broad; there are many different ways to do it, from encrypting a single file to storing them on an encrypted disk or disk image or writing them to an encrypted USB disk and removing the disk. Start by figuring out what exactly it is you need. – Jenny D May 16 '18 at 06:29
  • 1
    Choosing GnuPG as the encryption method on the title delimits this a little, but the goal should be described more clearly. My educated guess from the details that a) this must be done during log rotation b) using `gpg` leads to a single file encryption. Using an encrypted disk would make this completely superfluous, making this possibly the only interpretation that makes sense. – Esa Jokinen May 16 '18 at 08:28
  • I hope my edit represent OP's thoughts. Feel free to re-edit! – Esa Jokinen May 16 '18 at 08:36
  • I don't understand why someone down-votes the question? – Debashish Kumar May 27 '18 at 10:59

1 Answers1

8

Contrary to what is often claimed, encryption of all personal data is not mandatory, but only suggested as a good option four times in the whole general data protection regulation (GDPR):

  • "...implement measures to mitigate those risks, such as encryption." (Recital 83)
  • "...appropriate safeguards, which may include encryption" (Art. 6, 4e)
  • "...including inter alia as appropriate: (a) the pseudonymisation and encryption of personal data." (Art. 32, 1a)
  • "...unintelligible to any person who is not authorised to access it, such as encryption" (Art. 34, 3a)

Rather than a requirement, encryption is a tool. An i-SCOOP acticle on GDPR encryption is a more comprehensive overview on the subject, including also some related guidelines. Risk analysis is an important part of your GDPR strategy and may reveal some risks that could be mitigated by encrypting logs. Then, this practice might be useful, but GDPR does not require it.

You could e.g. use a postrotate script to encrypt the rotated log with GnuPG.

/var/log/whatever.log {
    . . .
    postrotate
        gpg --encrypt --recipient my@example.com /var/log/whatever.log.1
    endscript
    . . .
}

Even better, logrotate allows substituting the default gzip with other tools, including GnuPG:

compress
compresscmd /usr/bin/gpg
compressoptions --encrypt --default-key your-key-id
compressext .gpg

This idea adopted from Ctrl.blog GDPR and personal data in web server logs makes this global. The article notices that the need for encryption depends on the type of data, discuss what personal data logs could contain and what is the legal basis for logging, as it's usually done without consent.

Esa Jokinen
  • 43,252
  • 2
  • 75
  • 122
  • We looked few of the articles saying Encryption is must https://www.computerweekly.com/feature/GDPR-brings-serious-implications-for-data-storage – Debashish Kumar May 16 '18 at 11:53
  • From the perspective of the regulation, it's clearly optional. It might still be a good practice, especially for storage administration. What and how you'd encrypt should arise from the risk analysis: How could these logs leak? What would be the consequences? – Esa Jokinen May 16 '18 at 13:07
  • yes, no outsider can access those logs as they are inside VPC. For an extra security, we have implemented it. The only flaw it seems in encrypting I felt that it is encrypting but not compressing, so I am rotating the logs in few days. Please let me know if I am wrong. – Debashish Kumar May 24 '18 at 21:30