Server facilitated encryption of database contents
This feature proposal is for the ability to encrypt posts/direct messages in the database, with a server-side encryption of the database contents.
Hey all, we’ve outlined available encryption options here: https://docs.mattermost.com/administration/encryption.html
Would love to hear feedback from everyone who contributed to this feature proposal!
-
Daniel commented
It would be really nice if you could implement a feature to encrypt the messages that are stored in the posts table in the database.
In my opinion posts shouldn't be stored in clear text in the db.
-
Thanks everyone for the feedback on this! At the moment, server side encryption is not planned because it would prevent features such as search from working, which we consider to be core features of Mattermost (it was designed to be a searchable history of message archives). However, it is possible to set up disk encryption manually if you need it.
For anyone upvoting the feature, can you please share additional details about your use case? Is the goal to have all channels and messages encrypted, but non-searchable?
-
Anonymous commented
I looked at the posts in the Mattermost database, and the posts are not encrypted. It is a very big security issue for us, please help improve, thanks.
-
Thank you for this feature idea! Database encryption is available and we are working on documenting this.
-
Thank you for this feature idea! At the moment, server side encryption can be enabled for the Mattermost server and we are working on documenting this.
-
[Deleted User] commented
Mattermost needs this feature. Privacy is very important for a message system.
We can't rely on HTTPS for encryption until the sub domain support is implemented.
-
neerajr001 commented
nice
-
Benny commented
this
-
Tino Müller commented
Duplicating my comment from there:
As far as the encryption key for encrypted data-at-rest is known to the server, the data can't be secure, because anyone having access to the server may be able to get the key.
If it's not known to the server (Zero Knowledge, End-to-End-Encryption), there is neither server-side search nor compliance export possible, which is a use case for Mattermost.
Unless searchable encrypted data is reliable or client-side storage and search is an option, I doubt this will ever be implemented.
-
Tino Müller commented
As far as the encryption key for encrypted data-at-rest is known to the server, the data can't be secure, because anyone having access to the server may be able to get the key.
If it's not known to the server (Zero Knowledge, End-to-End-Encryption), there is neither server-side search nor compliance export possible, which is a use case for Mattermost, but not for Nextcloud.
Unless searchable encrypted data is reliable or client-side storage and search is an option, I doubt this will ever be implemented.
-
Nin commented
Why use Uservoice as a service if you are not interested in the users' opinions, dear Mattermost people? Having encryption at rest is not a new thing. So what are you waiting for?
-
Moritz commented
I don't think Mattermost is gonna reply to that. I don't know why, but they are not interested in encryption at rest at all. Very sad :(
-
Yannik commented
Well, that would be pretty nice to have. I'm not really sure whether it is secure the way it is now. The encryption does exist, but it is only offered on an Amazon server. For whatever reason?! Hopefully something will change.
-
JonasB commented
I guess Leo meant fullstop hahahaha
-
Leo commented
Just yes. Fullstoo!
-
Jan commented
Well, I guess the Mattermost guys are not interested in that... too bad :(
-
Anonymous commented
We need this function! PLEASE!
-
TimoUK commented
Thanks Tatiana for the information about Riot. Didn't know about that. Seems to be a legitimate alternative to Mattermost if they won't offer database encryption.
Is this planned at all?
-
Tatiana commented
No. That is unfortunately not part of Mattermost. That is why my organisation thought about using Riot/Matrix as an alternative.
-
Phil commented
Is that function not available yet?