securedrop icon indicating copy to clipboard operation
securedrop copied to clipboard

Published 20 hours ago verified publisher icon freedomofpress

Consider adding an option to delete inactive sources

Open nathandyer opened this issue 1 year ago • 0 comments

Description

For SecureDrops that receive a large number of submissions, going through and manually managing them can be a challenge. In an effort to reduce the number of submissions retained on the server, and improve the performance, we should consider adding an option to automatically delete source accounts that have not submitted anything new in n days (where n could also be configured).

How will this impact SecureDrop users?

For servers that receive lots of submissions, this could improve the security of the system by addressing data retention, and would also have a positive impact on server performance.

The downside is that there is a potential for data loss, in the event that an impactful submission had not been reviewed for some reason, but the system determined it needed to be deleted because there hadn't been any new submissions for a set period of time.

How would this affect SecureDrop's threat model?

This likely would not affect the threat model.

User Stories

As an admin, I want the server to delete inactive sources, to reduce the amount of sensitive data stored on server, and to improve the overall performance of the server.

nathandyer avatar Dec 15 '23 15:12 nathandyer