Last night I was reading through the CiviCRM documentation, which is actually incredibly well written for tech docs. I came across the following, which stopped me in my tracks.
Data storage jurisdiction
As mentioned before, CiviCRM can be run from the server or from the cloud. When working with issues around human rights, or if an organisation is gathering sensitive information about a country’s government or its officials, it is quite important to know where your data is stored. This is especially important when data is stored “in the cloud”, when it’s not obvious where the data is physically stored. Not getting into details, it might be good to have detailed information about where the servers are physically located, and which country’s jurisdiction is used in case of governmental requests for information.
Other security concerns
It should be remembered that many successful attempts of unauthorised access don’t have too much to do with IT systems security. It’s often social engineering, physical access to server and client machines or using violence against people who have authorised access to data that are responsible for break-ins. Therefore, making sure that data is secure requires also extensive, on-going training of system users and making sure that they are familiar with all the necessary precautions.
Right. This software is getting used by organizations in countries where governments are actively trying to get this data to stomp out political unrest. While I’d still have to worry about security for my deployments, I don’t have to worry about the worst of this. But for many people, in many parts of the world, this is a real and present danger.
That’s important not to forget.