Aligning Your Security Goals for MySQL with a Cloud Encryption Solution

Before integrating a security solution for your MySQL database, it is essential to understand what your goals are for information security and how they relate to it.  The underlying goals of any information security solution are most likely:

  • Confidentiality – Your data cannot be read by anyone unauthorized to do so.
  • Integrity - Your data cannot be changed or falsified without your knowledge.
  • Availability – Your data is available when and where you need it, without compromising the confidentiality or integrity of the data.

Keeping these three underlying goals in mind, there are several ways to encrypt MySQL databases in the cloud.  Below are a few options for cloud encryption for MySQL.  The first two focus on the storage “underneath” the MySQL database, while the third focuses on the capabilities of the MySQL database itself.

  1. Full Disk Encryption: This means that the entire disk used by MySQL for storing the database is encrypted.  This approach is simple, transparent, and less error prone.  It will work with your application, without needing changes to the application code.  However, full disk encryption may be less configurable with multiple users because it is essentially all or nothing.
  2. Encrypting specific files (which represent tables): This approach takes advantage of the fact that MySQL can be configured so that each database table gets saved into a separate file.  The idea is to encrypt only the files that are considered the most sensitive.
  3. Encrypting specific rows, fields or columns in MySQL: The SQL language, as implemented in MySQL, allows developers to code encryption for specific rows or specific fields.  This is obviously the most challenging approach because it requires application-level code to be written.

Ideally, your business will need a solution that works well in the cloud and gives you the level of security and control that you require.  At Atlantic.Net, our shared web hosting services come with a high level of security and a wide array of features.  Clients may choose either MySQL or MSSQL 2000.  Clients may also purchase additional SQL databases on the Gold Plan or higher.  Contact an advisor at 800-521-5881 to learn more about our cloud hosting solutions.