
Ask HN: How to handle PII data in AWS datalake - samrohn
We are building a s3 datalake in AWS and the data may contain Personally Identifiable Information (PII) information. What are the best practices for anonysing the data(PII data need to be retrieved back - like by marketing team for campaigns). If I take encryption route, what&#x27;s the best way to do it on AWS?
======
bradknowles
AWsS can do server-side encryption of assets like S3 buckets, and you can also
set policies that require uploaded content to be encrypted client side.

But just having PII is a huge risk, even if it is encrypted or anonymized.
Best not to have PII at all, unless you know how to properly build a digital
Fort Knox that you are confident can properly protect that data.

Hell, best just not to have PII at all — it’s a huge liability.

