Missing database encryption exposes task data at rest
warningsecurityUpdated Dec 17, 2025(via Exa)
Technologies:
How to detect:
Task monitoring database lacks encryption at rest, exposing sensitive task arguments, results, and failure traces stored in PostgreSQL. Compliance requirements may mandate encryption.
Recommended action:
Enable SSL/TLS for database connections using sslmode=require in DATABASE_URL. Enable at-rest encryption for PostgreSQL storage. Implement data retention policies to auto-delete old task records (e.g., DELETE FROM task WHERE created_at < NOW() - INTERVAL '30 days'). Verify SSL/TLS certificates are valid before deployment.