That's a good question. I agree with your definition of AG. However, the only ti... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		gnabgib on April 2, 2021 \| parent \| context \| favorite \| on: Securing a Postgres Database That's a good question. I agree with your definition of AG. However, the only time a database (or any other kind of data store) would be useful in an AG setting would be if it's part of an AG system including network and other computers. Perhaps we need another somewhat similar term. It's like null-routing or firewalling devices on your network.. they're technically "connected" but if they cannot dial out they're in some ways gapped. (This is handy for dubious quality IoT devices, they can't phone home, auto-patch to drop features, or share your usage information with $corp, but still respond to local network commands). To some extent tunneling is security through obscurity (an SSH tunnel has moved the port you need to secure from 5432 to 22)

paulryanrogers on April 2, 2021 [–]

Air gapped data stores sound useful for very common scenarios like: offline backups, non-anonymized PII, infrequently accessed bank records

tmpz22 on April 2, 2021 | [–]

I.E. for long term archiving or legal compliance.

monocasa on April 3, 2021 | | [–]

Yep, tapes on a shelf at Iron Mountain.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact