Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Suggest an Idea

Announcements
This page is no longer in use. To suggest an idea, please visit Browse and Suggest.

Secure delete data in Replicate

Prabodh
Creator II
Creator II
‎2021-02-04 11:28 AM

Secure delete data in Replicate

The Replicate tool writes data to disk in a couple different scenarios:

  1. When using Logstream endpoint
  2. When the transactions exceed the set memory limit

Replicate takes care of deleting the data once it has sent it to the target.

I would like to propose an enhancement for Replicate to use secure delete tools such as shred while deleting data. This is part of our security best practices as well a PCI-DSS requirement.

Status: Closed - Archived Submitted by Creator II on ‎2021-02-04 11:28 AM
1,134 Views
6 Comments
Shelley_Brennan
Former Employee
Former Employee
‎2021-02-22 08:20 AM

Thank you for the suggestion.  We would like to collect feedback from others as well.

Status changed to: Open - Collecting Feedback
birendodia
Contributor II
Contributor II
‎2021-09-13 12:08 PM

@Shelley_Brennan : Can you please let us know on the next steps or process work flow for enhancements requested ? This is a follow-up item from PCI-DSS requirement and we need to provide an action plan or remediation strategy soon.
 

Shelley_Brennan
Former Employee
Former Employee
‎2021-09-21 11:43 AM

There are no plans to implement this enhancement at this time.  However, we will continue to collect feedback from others and will keep it under consideration as we do our future planning.

DrorHarari-Qlik
Employee
Employee
‎2023-04-26 08:45 PM
I would like to propose an enhancement for Replicate to use secure delete tools such as shred while deleting data. This is part of our security best practices as well a PCI-DSS requirement.

Replicate uses the native remove/unlink (and also DeleteFile on Windows) APIs to delete files that are no longer in use.  Replicate also uses 3rd party components that use files and delete them using the same APIs. Those APIs, by themselves, do not wipe the stored data from storage which is why Qlik recommends that customers always used encrypting file systems.

The proposal to have an addon to Replicate that will be called instead of the above mentioned APIs is not practical - it would not solve the problem even if implemented as proposed. 

Reasons include:

  • Replacing API call with running a custom command (e.g. sdelete on Windows or scrub on Linux) will result in significant overhead and delays because it will be must slower than calling the API (Replicate creates a deletes large number of files with data during its operation).
  • The common secure delete utilities were written for HDDs (rotating disks) and do not really guarantee the wiping of the data when using SSDs on when using virtualized storage or remote storage. See https://www.howtogeek.com/234683/why-you-cant-securely-delete-a-file-and-what-to-do-instead/ for a nice writeup on this topic.

The only universally applicable solution that would guarantee no sensitive data is ever found on storage devices (of any kind) is the use of encrypting file systems (as mentioned above).

Meghann_MacDonald
Employee
Employee
‎2023-08-02 12:26 PM

From now on, please track this idea from the Ideation portal. 

Link to new idea

Meghann

NOTE: Upon clicking this link 2 tabs may open - please feel free to close the one with a login page. If you only see 1 tab with the login page, please try clicking this link first: Authenticate me! then try the link above again. Ensure pop-up blocker is off.

Ideation
Newbie
Newbie
‎2023-08-02 12:26 PM
 
Status changed to: Closed - Archived
Subscribe by Topic