I have a question, that i would like other people’s opion about!
I em tasked with a plan for encryption. At first i considered FDE (Full Disk Encryption) and this fixes the problem of “What if someone steals my server”. Since i am using a large hoster with more the adequate security, i consider it more possible that someone hacks into the server from the internet. Obviously, then FDE is of no use since the disk is accessable allready upon boot.
I know nextcloud has encryption module, but i have heard of problems in past versions where people have lost files (corruption) so i am weary about this…
I would like other people’s opinions, and possibly how they solved this dillema?
Hi, I recommend searching through the forum as this has been asked and answered many times in detail. Sounds like you have a good handle on the situation in general.
If someone hacks into the server they will have your local data unless you use e2e encryption. You can setup client e2e encryption via Cryptomator if you want a trusted solution that works. Otherwise, e2e encryption in Nextcloud is not complete yet… it is being developed and could take more years to resolve. Watch a video on e2e encryption to understand how it works, and good luck.
standard: transport encryption tls/ssl (https)
server side encryption
end to end encryption
There are risks. Use backups.