Atom feed of this document
  
 

 Chapter 39. Case Studies: Tenant Data

Returning to Alice and Bob, we will use this section to dive into their particular tenant data privacy requirements. Specifically, we will look into how Alice and Bob both handle tenant data, data destruction, and data encryption.

 Alice's Private Cloud

As stated during the introduction to Alice's case study, data protection is of an extremely high priority. She needs to ensure that a compromise of one tenant's data does not cause loss of other tenant data. She also has strong regulator requirements that require documentation of data destruction activities. Alice does this using the following:

  • Establishing procedures to sanitize tenant data when a program or project ends

  • Track the destruction of both the tenant data and metadata via ticketing in a CMDB

  • For Volume storage:

  • Physical Server Issues

  • To provide secure ephemeral instance storage, Alice implements qcow2 files on an encrypted filesystem.

 Bob's Public Cloud

As stated during the introduction to Bob's case study, tenant privacy is of an extremely high priority. In addition to the requirements and actions Bob will take to isolate tenants from one another at the infrastructure layer, Bob also needs to provide assurances for tenant data privacy. Bob does this using the following:

  • Establishing procedures to sanitize customer data when a customer churns

  • Track the destruction of both the customer data and metadata via ticketing in a CMDB

  • For Volume storage:

  • Physical Server Issues

  • To provide secure ephemeral instance storage, Bob implements qcow2 files on an encrypted filesystems.

Questions? Discuss on ask.openstack.org
Found an error? Report a bug against this page

loading table of contents...