undefined | Better HN

0 pointsEduard3y ago0 comments

> Hetzner is great but it's not a good choice for companies which really care. Your data is not encrypted in rest.

It's up to you to set up "encryption in rest": E.g setup LUKS on a Hetzner machine.

> Their security is not bad but someone can easily plugin whatever they like.

That's not how it is. Check e.g. this six-year old security video from Hetzner: Hetzner is great but it's not a good choice for companies which really care. Your data is not encrypted in rest.

Their security is not bad but someone can easily plugin whatever they like.

0 comments

1 comments · 1 top-level

Deloritoono3y ago

I know the video quite well and I also have stuff on hetzner.

But it's just levels different to Google.

I have a small startup at hetzner.

But my main job has everything at the big cloud providers because of audit logs, high slash, global network etc. And no the hetzner video shows already that hetzner can't fullfil all required security certifications.

They have rows and rows of desktop PCs there.

With 'really' care I mean if you process millions or billions you just don't go to hetzner.

And doing encryption on rest with what decryption method? Manual unlock through a remote console?

At Google you literally have encryption on rest by default with key rotation build in and you can use your own keys.

Dimensions of difference

j / k navigate · click thread line to collapse