Since TWP 2023.1 it is possible to store different Pool user credentials, provided that data protection settings are configured in Indicium's appsettings.json. The Encrypt/Decrypt process actions provide great potential to secure our own data too. However, the current behavior is rather tricky: Indicium will generate a new Key every 90 days, but in order to decrypt data that is encrypted with an older Key we need to keep all old Keys.
As a result the Docs contain below warnings, but these Docs are not necessarily top of mind of IT Operators. Also, 10 years from now we would have 40+ of such Keys, some of which more than 10 years old. That might trigger IT Operators to clean up the Key vaults.
As such, I believe the current setup poses a serious and hard to manage risk that old Keys will be lost at some point.
IDEA: every time Indicium triggers creation of a new Key, all Encrypted data must be updated with the new Key and the old Key should automatically be deleted afterwards.
This will ensure we only need to safeguard the most recent Key and will significantly reduce the risk of lost data.