Is Zero Trust Architecture Overkill?

Question

Hey everyone! I need you opinion on Zero Trust Architecture for a debugging tool we&rsquo;ve been building.My partner and I have built Dev In A Box - a debugging tool that uses simulations to pull out both bugs & security vulnerabilities with ~70% accuracy. It works for both finding the root cause of reported issues and doing more general debugging / tech debt removal sessions.Naturally, the tool has to handle people&rsquo;s code, so we wanted to make sure our security was air tight.We&rsquo;ve designed our architecture with this in mind - essentially, each new project lives in its own database. Making the contract to access the data much simpler to enforce and making a tenant breach via a SQL / coding mistake impossible.The other goal of this is enabling a zero trust encryption system - allowing the user to prevent us from accessing their data at rest. However I&rsquo;m not sure what is the best / most user friendly way to do this is. I&rsquo;d appreciate any feedback on this concept:The idea is a user could set a &ldquo;master password&rdquo; that only they know (and we don&rsquo;t) that would serve as the encryption key. Meaning their database can only be unencrypted at run time with that &ldquo;master password&rdquo; - similar to how password managers like LastPass work.This would mean we, as the SaaS company, won&rsquo;t be able to access their data. Potentially giving users more peace of mind and an additional layer of security.I think it sounds good in theory - as someone who refuses to use GitHub because I don&rsquo;t trust Microsoft as far as I can throw them, it definitely fulfills my neurosis. But before we build it, I wanted to run it by all of you to ask if it&rsquo;s really worth it.There are some drawbacks, of course. Like:- Having to input a master password every time you want to access your project- Managing that password across larger teams (if 50 people know the password, is it really providing any security?)- If the password is lost, there&rsquo;s no way to recover the project. It&rsquo;s gone for good.So my questions to you are:- Do the pros out weigh the cons? Is this something that would make you feel better about using a code scanner?- Is this level of security / privacy important to you?- Is there a better UX for something like this?- (For the folks who are knowledgeable in cryptography) Is there a better way of going about this? Do you know of a better method for managing the data so that the provider can&rsquo;t access it at run time?For more context you can see our website: dev-in-a-box.comThank you in advance. All opinions welcome!

pestatije · Accepted Answer

is the debug service the same as the data service?