Building CRUD without security in mind can lead to a security disaster. This article shows how to do it correctly.
I am an open-source developer working on Databunker. Today I got a question from one of the guys on a social network.
It is totally true: you can go DIY. On the other hand, Databunker has grown into a better solution than you might think.
Databunker is a special application server used for the secure storage of customer data. It is not a full-fledged database. On the backend, it uses MySQL, PostgreSQL, or SQLite to store encrypted customer records. The product comes with full GDPR compliance and is built with a privacy-by-design architecture.
Any company implementing Databunker gets a quick and easy path to GDPR and privacy-by-design compliance, in addition to much better security.
HashiCorp Vault is a great product, but it is built for completely different use cases.
For example, when saving a record, Databunker extracts the user's email, phone, login identity, and custom identity and builds a secure hash-based index for quick user record lookup.
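The following is an added example, not Databunker's own code, of the kind of hash-based identity index described above. It assumes HMAC-SHA256 as the keyed hash, the field names `email`, `phone`, `login` and `custom`, and an opaque record ID standing in for the encrypted record; the key and sample values are constructed.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
	"strings"
)

// Index maps keyed hashes of user identities to an opaque record ID.
type Index struct {
	key    []byte            // secret HMAC key, kept outside the database
	tokens map[string]string // hex(HMAC(field:value)) -> record ID
}

// Token is keyed: without the HMAC key a copied table cannot be tested against guessed emails.
func (ix *Index) Token(field, value string) string {
	m := hmac.New(sha256.New, ix.key)
	m.Write([]byte(field + ":" + strings.ToLower(strings.TrimSpace(value))))
	return fmt.Sprintf("%x", m.Sum(nil))
}

// Add indexes every identity present in the record, or none if one is taken.
func (ix *Index) Add(recordID string, record map[string]string) error {
	var pending []string
	for _, f := range []string{"email", "phone", "login", "custom"} {
		if v := record[f]; v != "" {
			t := ix.Token(f, v)
			if owner, taken := ix.tokens[t]; taken && owner != recordID {
				return fmt.Errorf("%s already belongs to another record", f)
			}
			pending = append(pending, t)
		}
	}
	for _, t := range pending {
		ix.tokens[t] = recordID
	}
	return nil
}

func (ix *Index) Lookup(field, value string) (string, bool) {
	id, ok := ix.tokens[ix.Token(field, value)]
	return id, ok
}

func main() {
	ix := &Index{key: []byte("constructed-demo-key"), tokens: map[string]string{}}
	fmt.Println(ix.Add("rec-1", map[string]string{"email": "Alice@Example.com"}))
	fmt.Println(ix.Lookup("email", " alice@example.com "))
}
```

The index stores only tokens, so a lookup by email or phone works without the identity appearing in the table, and rotating the HMAC key requires rebuilding the index from the decrypted records.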
User record CRUD is just a part of the service. In Databunker, you have a secure session storage API, temp shareable identities API, automatic record expiration and removal, compliance with pseudonymization, DPO management, user-accessible UI, and more.
Besides, you can go with a free version that comes with an MIT license.
It is up to you to go with Databunker or build your own solution.
Just do not leave customer data unencrypted.