Securing OCI Bucket mounted as filesystem on-prem
We are planning to have OCI object storage as part of our offline backup strategy.
Files to be backed up -
1. Applications tier for ebs environment (12.1.3)
2. database backup files backed up using RMAN.
Below steps are already done -
1. Mounted OCI bucket as filesystem in our on-prem linux box.
2. Encrypted backup files with openssl for apps tier files and rman encryption for database.
Customer Secret Keys are stored on the linux server that is secured with MFA.
Please let us know what else can be done to secure this further?
Can OpenVPN be used where in on-prem linux box will have openvpn client installed and we have an OpenVPN server with Public IP. File to be transferred from on-prem to oci object storage only after starting a vpn session. Will that secure backup files in-transit?