Short answer:
For employees: background checks, DLP, and rock-solid audit logs. Make sure employees know that access to the customer material is audited and logged, and that unauthorized access is a fireable offense.
For external adversaries: a good information security program. This will include TVM, EDR, and SIEM at a bare minimum. This need not be a commercial solution, but if going the open-source route, remember that just because it isn't a financial investment doesn't mean it's not an investment to take seriously.
Also, keep in mind that the 'I' and the 'A' of the CIA triad are not to be ignored. You should have a good BCDR program with redundant backups and you should make sure you can recover from them too.
There's so much more to go into here than can reasonably fit into a single post, but I hope this is a good starting point.