Hi, we have an app hosted on Aptible and it connects to one of our databases storing sensitive data (also on aptible). The app has the option to connect to the database via an ssh tunnel. We’re already connecting via SSL and I was wondering whether you would advise taking this additional precaution. If so, could you help me understand how to do so?
Aptible Databases don’t support SSH* so I don’t believe you’d be able to set up an SSH tunnel. From what I gather, SSH tunnels are only necessary when using a protocol that doesn’t support encryption. All supported Database types support encryption since our BAA requires that PHI be encrypted in transit even within a Stack so I don’t believe an SSH tunnel shouldn’t be necessary.
* SFTP Databases are the exception since SSH is used for SFTP (SSH File Transfer Protocol).