Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Modern Data Security
with MySQL
Vittorio Cioe
MySQL Sr. Sales Consultant
vittorio.cioe@oracle.com
Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for
information purposes only, and may not be incorporated into any contract. It is not a
commitment to deliver any material, code, or functionality, and should not be relied upon
in making purchasing decisions. The development, release, and timing of any features or
functionality described for Oracle’s products remains at the sole discretion of Oracle.
Agenda
• Modern data security
• MySQL Security Capabilities
• MySQL and GDPR
• Conclusion
Modern Data Security
Some time ago: trust based data security
...and the future came... data are everywhere
Now: need for embedded data security
Complexity grows -> Risk Grows
Data Security Cycle
ASSESS PREVENT DETECT
MySQL
Security Capabilities
Assess Security Risks
• Discover Personal Data
• Scan Security Configuration
• Privilege Analysis
MySQL Enterprise Monitor
• Enforce MySQL Security Best Practices
– Identifies Vulnerabilities
– Assesses current setup against security hardening policies
• Monitoring & Alerting
– User Monitoring
– Password Monitoring
– Schema Change Monitoring
– Backup Monitoring
– Configuration Management
– Configuration Tuning Advice
• Centralized User Management
"I definitely recommend the MySQL Enterprise Monitor to DBAs who don't have a ton of MySQL experience. It makes monitoring MySQL security, performance and availability very easy to understand and to act on."
Sandi Barr
Sr. Software Engineer
Schneider Electric
Assess MySQL Authorization
• Administrative Privileges
• Database Privileges
• Session Limits and Object Privileges
• User privileges
– Creating, altering and deleting databases
– Creating, altering and deleting tables
– Execute INSERT, SELECT, UPDATE, DELETE queries
– Create, execute, or delete stored procedures and with what rights
– Create or delete indexes
Security Privilege Management in MySQL Workbench
MySQL Enterprise Authentication
• Integrate with Centralized Authentication Infrastructure
– Centralized Account Management
– Password Policy Management
– Groups & Roles
• PAM (Pluggable Authentication Modules)
– Standard interface (Unix, LDAP, Kerberos, others)
• Windows
– Access native Windows services: authenticate users against Windows Active Directory or a native host
Integrates MySQL with existing security infrastructures
MySQL Enterprise Authentication: PAM
• Standard Interface
– Unix/Linux
• Proxy Users
MySQL Enterprise Authentication: Windows
• Windows Active Directory
• Windows Native Services
MySQL Enterprise Authentication: LDAP (new!!)
• Standard Interface
– LDAP Authentication
• Proxy Users
Assess your data and data model using MySQL Workbench
Protect from live threats
• Protect from SQL injection
• Store Data Encrypted
• Enforce security roles
MySQL Enterprise Firewall: Overview
[Diagram: inbound SQL traffic from the Internet (web applications, SQL injection attack via browser) reaches MySQL Enterprise Firewall, which applies (1) ALLOW, (2) BLOCK or (3) DETECT in front of the MySQL instance]
MySQL Enterprise Firewall
• Block SQL Injection Attacks
– Allow: SQL statements that match Whitelist
– Block: SQL statements that are not on Whitelist
• Intrusion Detection System
– Detect: SQL statements that are not on Whitelist (the statements execute and administrators are alerted)
Select * from employee where id=22 → Allow ✔
Select * from employee where id=22 or 1=1 → Block ✖
[Diagram: applications, white list, detect & alert (intrusion detection)]
MySQL Enterprise Firewall
• Real Time Protection
– Queries analyzed and matched against White List
• Blocks SQL Injection Attacks
– Positive Security Model
• Block Suspicious Traffic
– Out of Policy Transactions detected & blocked
• Learns White List
– Automated creation of approved list of SQL command patterns on a per user basis
• Transparent
– No changes to application required
MySQL Enterprise Firewall monitoring
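The learn / allow / block / detect cycle from the firewall slides, written out as an added example (not part of the original deck). It assumes the MySQL Enterprise Firewall plugin with its account-profile interface (MySQL 5.7/8.0) is installed; the account app@localhost and the employee table are hypothetical, and STATEMENT_DIGEST_TEXT() needs MySQL 8.0.

```sql
-- Added example: names below (app@localhost, employee) are hypothetical.

-- 1. Learn: record the statement patterns the application normally issues.
CALL mysql.sp_set_firewall_mode('app@localhost', 'RECORDING');
--    Now run the application's normal workload as app@localhost, for example:
--    SELECT * FROM employee WHERE id = 22;

-- 2. Review the learned rules before trusting them. Anything recorded here
--    becomes allowed, so recording must happen on clean traffic only.
SELECT RULE
  FROM INFORMATION_SCHEMA.MYSQL_FIREWALL_WHITELIST
 WHERE USERHOST = 'app@localhost';

-- 3. See why the two statements on the slide are treated differently.
--    The server normalizes statements by replacing literals with
--    placeholders: the first two columns share one shape, the third has an
--    extra OR clause and therefore a different normalized form.
SELECT STATEMENT_DIGEST_TEXT('Select * from employee where id=22')        AS learned,
       STATEMENT_DIGEST_TEXT('Select * from employee where id=37')        AS same_shape,
       STATEMENT_DIGEST_TEXT('Select * from employee where id=22 or 1=1') AS different_shape;

-- 4a. Enforce: statements that match no rule are rejected.
CALL mysql.sp_set_firewall_mode('app@localhost', 'PROTECTING');

-- 4b. Or run as an intrusion detection system: non-matching statements still
--     execute but are written to the error log as notes, so
--     log_error_verbosity must be 3 for them to appear.
-- CALL mysql.sp_set_firewall_mode('app@localhost', 'DETECTING');

-- 5. Monitor: which accounts are protected, and how many statements were
--    granted, denied or flagged as suspicious.
SELECT USERHOST, MODE FROM INFORMATION_SCHEMA.MYSQL_FIREWALL_USERS;
SHOW GLOBAL STATUS LIKE 'Firewall%';
```

Because rules are stored per account, an application that connects through a shared account gets one combined allowlist; separate accounts per application keep each list narrow.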
MySQL TDE – Protects against Attacks on Database Files
[Diagram: a hacker or dishonest OS user accesses the MySQL database's encrypted tablespace files directly; access to the information is blocked by encryption, and the key is protected]
MySQL Enterprise Transparent Data Encryption
2 Tier Architecture
• Master Key
– Stored outside the database
– Oracle Key Vault
– SafeNet KeySecure
– KMIP Compliant Key Vault
• Tablespace Key
– Protected by master key
[Diagram: client, MySQL Server (plugin & services infrastructure, keyring plugins, InnoDB), MySQL database with tablespace keys, and the Key Vault holding the master key; labels: Plain Text, Encrypted 1, Encrypted 2]
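What the two-tier key architecture looks like from the SQL prompt, as an added example that is not part of the original deck. It assumes a keyring plugin is already loaded and file-per-table InnoDB tablespaces; the hr.employee table is hypothetical.

```sql
-- Added example: hr.employee is a hypothetical table.

-- 1. Confirm a keyring plugin is active. Without one there is no master key
--    and encryption requests fail.
SELECT PLUGIN_NAME, PLUGIN_STATUS
  FROM INFORMATION_SCHEMA.PLUGINS
 WHERE PLUGIN_NAME LIKE 'keyring%';

-- 2. Encrypt an existing table. InnoDB generates a tablespace key, encrypts
--    the data pages with it, and stores that key in the tablespace header
--    encrypted under the master key.
ALTER TABLE hr.employee ENCRYPTION='Y';

-- 3. Assessment check: list application InnoDB tables that are still stored
--    unencrypted. The "_" wildcards match either quote style that different
--    server versions print around Y in CREATE_OPTIONS.
SELECT TABLE_SCHEMA, TABLE_NAME
  FROM INFORMATION_SCHEMA.TABLES
 WHERE ENGINE = 'InnoDB'
   AND TABLE_TYPE = 'BASE TABLE'
   AND TABLE_SCHEMA NOT IN ('mysql', 'sys', 'information_schema', 'performance_schema')
   AND COALESCE(CREATE_OPTIONS, '') NOT LIKE '%ENCRYPTION=_Y_%';

-- 4. Rotate the master key. Only the tablespace keys are re-encrypted under
--    the new master key; table data is not rewritten, which is what makes
--    regular rotation cheap in a two-tier design.
ALTER INSTANCE ROTATE INNODB MASTER KEY;
```

TDE covers data at rest in the tablespace files only; a user with SELECT privilege still reads plaintext, so it complements access controls rather than replacing them.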
Key Vault High-Level Architecture
[Diagram: Key Vault with a standby, an administration console with alerts and reports, and secure backups; it manages credential files and other secrets, wallets, passwords/phrases, keystores and certificates for databases, servers and middleware]
MySQL 8.0: Atomicity in Privileges
• Privilege Tables now 100% InnoDB
• User Management DDLs Atomic
– CREATE USER
– ALTER USER
– RENAME USER
– DROP USER
– GRANT
– REVOKE
MySQL 8.0: Security Roles
• Fully Functional, Flexible, Properly Architected Roles
• Create and Drop Roles, Grant to Roles
• Grant Roles to Roles, Grant Roles to Users
• Limit Hosts that can use roles, Define Default Roles
• Decide what roles are applicable during a session
• And even visualize Roles with SQL function ROLES_GRAPHML()
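The role operations listed on this slide, as an added example that is not part of the original deck. It requires MySQL 8.0; the hr schema, role names, accounts and the 10.0.0.% host pattern are hypothetical, and the passwords are placeholders.

```sql
-- Added example: schema, roles, accounts and hosts are hypothetical.

-- Create roles and grant privileges to them instead of to individual users.
CREATE ROLE 'hr_read', 'hr_write';
GRANT SELECT ON hr.* TO 'hr_read';
GRANT INSERT, UPDATE, DELETE ON hr.* TO 'hr_write';

-- Grant a role to a role: hr_write now includes everything hr_read allows.
GRANT 'hr_read' TO 'hr_write';

-- Accounts limited to one network, each given a single role.
CREATE USER 'report'@'10.0.0.%'  IDENTIFIED BY '<placeholder-password-1>';
CREATE USER 'payroll'@'10.0.0.%' IDENTIFIED BY '<placeholder-password-2>';
GRANT 'hr_read'  TO 'report'@'10.0.0.%';
GRANT 'hr_write' TO 'payroll'@'10.0.0.%';

-- Default role: active automatically when report logs in.
SET DEFAULT ROLE 'hr_read' TO 'report'@'10.0.0.%';

-- payroll has no default role, so a new session starts with no role active.
-- The write privileges exist only after the session asks for them:
--   SELECT CURRENT_ROLE();
--   SET ROLE 'hr_write';
-- This keeps the elevated role out of sessions that do not need it.

-- Review: effective privileges of an account with a given role active,
-- and the raw role assignments stored in the grant tables.
SHOW GRANTS FOR 'payroll'@'10.0.0.%' USING 'hr_write';
SELECT * FROM mysql.role_edges;
SELECT * FROM mysql.default_roles;

-- Export the role graph as GraphML for a graph viewer.
SELECT ROLES_GRAPHML();

-- Removing access is one statement per account, not one per privilege.
REVOKE 'hr_write' FROM 'payroll'@'10.0.0.%';
```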
Detect suspicious events
• Audit live events
• Watch live queries
• Disaster Recovery
MySQL Enterprise Audit - Work Flow
Focus on MySQL EE Audit
• GDPR
– Mandates recording or auditing of the activities on the Personal Data
– Recommends records must be maintained centrally
• Under the responsibility of the Controller.
– Processors and third-parties must not be able to tamper or destroy the audit records.
– In addition to book-keeping, auditing helps in forensic analysis in case of a breach.
• MySQL Enterprise Audit data can be
– Maintained in Oracle Audit Vault – certified
– Output as standard XML or JSON that easily integrates with various 3rd party solutions
– Encrypted
– Directed to write-once storage for security logs
Review Audit Data With Workbench EE
Enterprise Query Analyzer
• Real-time query performance
• Visual correlation graphs
• Find & fix expensive queries
• Detailed query statistics
• Query Response Time index (QRTi)
“With the MySQL Query Analyzer, we were able to identify and analyze problematic SQL code, and triple our database performance. More importantly, we were able to accomplish this in three days, rather than taking weeks.”
Keith Souhrada
Software Development Engineer
Big Fish Games
MySQL Enterprise Backup
• Online, non-locking backup and recovery
– Complete MySQL instance backup (data and config)
– Partial backup and restore
• Direct Cloud storage backups
– Oracle Storage Cloud, S3, etc.
• Incremental backups
• Point-in-time recovery
• Advanced compression and encryption
• Backup to tape (SBT)
• Optimistic backups
• Cross-Platform (Windows, Linux, Unix)
InnoDB Cluster
[Diagram: app servers with MySQL Router; MySQL Group Replication; MySQL Shell to set up, manage and orchestrate]
“High Availability becomes a core first class feature of MySQL!”
Additional Security Controls
Hashing, Signing, Encryption Functions
– Symmetric Encryption – AES
– Hashing – SHA-2, SHA-1
– Asymmetric Public Key Encryption (RSA)
– Asymmetric Private Key Decryption (RSA)
– Generate Public/Private Key (RSA, DSA, DH)
– Derive Symmetric Keys from Public and Private Key pairs (DH)
– Digitally Sign Data (RSA, DSA)
– Verify Data Signature (RSA, DSA)
– Validate Data Authenticity (RSA, DSA)
MySQL and GDPR
EU General Data Protection Regulation (GDPR)
• Data privacy as a fundamental right
• Defines Data protection responsibilities, baselines, principles
• Provides Enforcement Powers
Focus is on 3 Areas
• Assessment – Processes, Profiles, Data Sensitivity, Risks
• Prevention – Encryption, Anonymization, Access Controls, Separation of Duties
• Detection – Auditing, Activity monitoring, Alerting, Reporting
GDPR and MySQL
• We can’t be entirely prescriptive
• We have many things that can be applied towards attaining compliance
– Assessment: MySQL Enterprise Monitor, MySQL Workbench EE, MySQL Security Best Practices Guidelines
– Prevention: MySQL Transparent Data Encryption, MySQL Enterprise Firewall, DBA configurable IP whitelisting, Connection Limits, In transit data encryption, Granular access controls
– Detection: MySQL Enterprise Firewall, MySQL Enterprise Audit, MySQL Workbench EE, MySQL Enterprise Monitor
Conclusion
Takeaway: MySQL Enterprise Security Architecture
• Workbench
– Model
– Data
– Audit Data
– User Management
• Enterprise Monitor
– Identifies Vulnerabilities
– Security hardening policies
– Monitoring & Alerting
– User Monitoring
– Password Monitoring
– Schema Change Monitoring
– Backup Monitoring
• Data Encryption
– TDE
– Encryption
– PKI
• Firewall
• Key Vault
• Enterprise Authentication
– SSO - LDAP, AD, PAM
• Network Encryption
• Enterprise Audit
– Powerful Rules Engine
• Audit Vault
• Strong Authentication
• Access Controls
• Assess
• Prevent
• Detect
• Recover
• Enterprise Backup
– Encrypted
• HA
– InnoDB Cluster
• Thread Pool
– Attack minimization
References
• Home page EU GDPR
– http://www.eugdpr.org/
• MySQL Enterprise
– https://www.mysql.com/products/enterprise/
• MySQL PCI DSS
– https://www.mysql.com/it/why-mysql/white-papers/mysql-pci-data-security-compliance/
• MySQL Security Best Practices
– https://www.mysql.com/it/why-mysql/presentations/mysql-security-best-practices/
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 

Recently uploaded (20)

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 

Modern Data Security with MySQL

  • 1. Modern Data Security with MySQL. Vittorio Cioe, MySQL Sr. Sales Consultant, vittorio.cioe@oracle.com. Copyright © 2015, Oracle and/or its affiliates. All rights reserved.
  • 2. Safe Harbor Statement: The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
  • 3. Agenda
      • Modern data security
      • MySQL Security Capabilities
      • MySQL and GDPR
      • Conclusion
  • 4. Modern Data Security
  • 5. Some time ago: trust based data security
  • 6. ...and the future came... data are everywhere
  • 7. Now: need for embedded data security
  • 8. Complexity grows -> Risk Grows
  • 9. Data Security Cycle: ASSESS, PREVENT, DETECT
  • 10. MySQL Security Capabilities
  • 11. Assess Security Risks
      • Discover Personal Data
      • Scan Security Configuration
      • Privilege Analysis
  • 12. MySQL Enterprise Monitor
      • Enforce MySQL Security Best Practices
          – Identifies Vulnerabilities
          – Assesses current setup against security hardening policies
      • Monitoring & Alerting
          – User Monitoring
          – Password Monitoring
          – Schema Change Monitoring
          – Backup Monitoring
          – Configuration Management
          – Configuration Tuning Advice
      • Centralized User Management
      "I definitely recommend the MySQL Enterprise Monitor to DBAs who don't have a ton of MySQL experience. It makes monitoring MySQL security, performance and availability very easy to understand and to act on." Sandi Barr, Sr. Software Engineer, Schneider Electric
  • 13. Assess MySQL Authorization
      • Administrative Privileges
      • Database Privileges
      • Session Limits and Object Privileges
      • User privileges
          – Creating, altering and deleting databases
          – Creating, altering and deleting tables
          – Execute INSERT, SELECT, UPDATE, DELETE queries
          – Create, execute, or delete stored procedures and with what rights
          – Create or delete indexes
      Figure: Security Privilege Management in MySQL Workbench
  • 14. MySQL Enterprise Authentication: Integrates MySQL with existing security infrastructures
      • Integrate with Centralized Authentication Infrastructure
          – Centralized Account Management
          – Password Policy Management
          – Groups & Roles
      • PAM (Pluggable Authentication Modules)
          – Standard interface (Unix, LDAP, Kerberos, others)
          – Windows
              • Access native Windows service: use to authenticate users using Windows Active Directory or to a native host
  • 15. MySQL Enterprise Authentication: PAM
      • Standard Interface Unix/Linux
      • Proxy Users
  • 16. MySQL Enterprise Authentication: Windows
      • Windows Active Directory
      • Windows Native Services
  • 17. MySQL Enterprise Authentication: LDAP (new!!)
      • Standard Interface LDAP Authentication
      • Proxy Users
  • 18. Assess your data and data model using MySQL Workbench
  • 19. Protect from live threats
      • Protect from SQL injection
      • Store Data Encrypted
      • Enforce security roles
  • 20. MySQL Enterprise Firewall: Overview
      Diagram labels: Internet; Web Applications; SQL Injection Attack Via Browser; Inbound SQL Traffic; MySQL Enterprise Firewall (1 ALLOW, 2 BLOCK, 3 DETECT); Instance
  • 21. MySQL Enterprise Firewall
      • Block SQL Injection Attacks
          – Allow: SQL statements that match Whitelist
          – Block: SQL statements that are not on Whitelist
      • Intrusion Detection System
          – Detect: SQL statements that are not on Whitelist
              • SQL statements execute and alert administrators
      Diagram: Applications send statements that are checked against the White List.
          Select * from employee where id=22 : Allow ✔
          Select * from employee where id=22 or 1=1 : Block ✖
          Intrusion Detection: Detect & Alert
  • 22. MySQL Enterprise Firewall
      • Real Time Protection
          – Queries analyzed and matched against White List
      • Blocks SQL Injection Attacks
          – Positive Security Model
      • Block Suspicious Traffic
          – Out of Policy Transactions detected & blocked
      • Learns White List
          – Automated creation of approved list of SQL command patterns on a per user basis
      • Transparent
          – No changes to application required
      Figure: MySQL Enterprise Firewall monitoring
  • 23. MySQL TDE – Protects against Attacks on Database Files
      Diagram labels: MySQL Database; Encrypted Tablespace Files; Protected Key; Hacker / Dishonest OS User Accesses Files Directly; Information Access Blocked By Encryption
  • 24. MySQL Enterprise Transparent Data Encryption: 2 Tier Architecture
      • Master Key
          • Stored outside the database
          • Oracle Key Vault
          • SafeNet KeySecure
          • KMIP Compliant Key Vault
      • Tablespace Key
          • Protected by master key
      Diagram labels: Key Vault; Master Key; Client; MySQL Server; Plugin & Services Infrastructure; Keyring plugins; InnoDB; MySQL Database; Tablespace Keys; Plain Text; Encrypted 1; Encrypted 2
  • 25. Key Vault High-Level Architecture
      Diagram labels: Databases; Servers; Middleware; Wallets; Keystores; Certificates; Password/phrases; Credential Files/Other; Standby; Secure Backups; Administration Console, Alerts, Reports
  • 26. MySQL 8.0: Atomicity in Privileges
      • Privilege Tables now 100% InnoDB
      • User Management DDLs Atomic
          – CREATE USER
          – ALTER USER
          – RENAME USER
          – DROP USER
          – GRANT
          – REVOKE
  • 27. MySQL 8.0: Security Roles
      • Fully Functional, Flexible, Properly Architected Roles
      • Create and Drop Roles, Grant to Roles
      • Grant Roles to Roles, Grant Roles to Users
      • Limit Hosts that can use roles, Define Default Roles
      • Decide what roles are applicable during a session
      • And even visualize Roles with SQL function ROLES_GRAPHML()
  • 28. Detect suspicious events
      • Audit live events
      • Watch live queries
      • Disaster Recovery
  • 29. MySQL Enterprise Audit - Work Flow
  • 30. Focus on MySQL EE Audit
      • GDPR
          – Mandates recording or auditing of the activities on the Personal Data
          – Recommends records must be maintained centrally
              • Under the responsibility of the Controller.
          – Processors and third-parties must not be able to tamper or destroy the audit records.
          – In addition to book-keeping, auditing helps in forensic analysis in case of a breach.
      • MySQL Enterprise Audit: audit data can be
          – Maintained in Oracle Audit Vault – certified
          – Outputs standard XML or JSON that easily integrates with various 3rd party solutions
          – Supports encryption
          – Can direct security logs to write-once storage
  • 31. Review Audit Data With Workbench EE
  • 32. Enterprise Query Analyzer
      • Real-time query performance
      • Visual correlation graphs
      • Find & fix expensive queries
      • Detailed query statistics
      • Query Response Time index (QRTi)
      “With the MySQL Query Analyzer, we were able to identify and analyze problematic SQL code, and triple our database performance. More importantly, we were able to accomplish this in three days, rather than taking weeks.” Keith Souhrada, Software Development Engineer, Big Fish Games
  • 33. MySQL Enterprise Backup
      • Online, non-locking backup and recovery
          – Complete MySQL instance backup (data and config)
          – Partial backup and restore
      • Direct Cloud storage backups
          – Oracle Storage Cloud, S3, etc.
      • Incremental backups
      • Point-in-time recovery
      • Advanced compression and encryption
      • Backup to tape (SBT)
      • Optimistic backups
      • Cross-Platform (Windows, Linux, Unix)
  • 34. InnoDB Cluster
      Diagram labels: App Servers with MySQL Router; MySQL Group Replication; MySQL Shell (Setup, Manage, Orchestrate)
      “High Availability becomes a core first class feature of MySQL!”
  • 35. Additional Security Controls: Hashing, Signing, Encryption Functions
      – Symmetric Encryption – AES
      – Hashing – SHA-2, SHA-1
      – Asymmetric Public Key Encryption (RSA)
      – Asymmetric Private Key Decryption (RSA)
      – Generate Public/Private Key (RSA, DSA, DH)
      – Derive Symmetric Keys from Public and Private Key pairs (DH)
      – Digitally Sign Data (RSA, DSA)
      – Verify Data Signature (RSA, DSA)
      – Validate Data Authenticity (RSA, DSA)
  • 36. MySQL and GDPR
  • 37. EU General Data Protection Regulation (GDPR)
      • Data privacy as a fundamental right
      • Defines Data protection responsibilities, baselines, principles
      • Provides Enforcement Powers
      Focus is on 3 Areas
      • Assessment – Processes, Profiles, Data Sensitivity, Risks
      • Prevention – Encryption, Anonymization, Access Controls, Separation of Duties
      • Detection – Auditing, Activity monitoring, Alerting, Reporting
  • 38. GDPR and MySQL
      • We can’t be entirely prescriptive
      • We have many things that can be applied towards attaining compliance
          – Assessment: MySQL Enterprise Monitor, MySQL Workbench EE, MySQL Security Best Practices Guidelines
          – Prevention: MySQL Transparent Data Encryption, MySQL Enterprise Firewall, DBA configurable IP whitelisting, Connection Limits, In transit data encryption, Granular access controls
          – Detection: MySQL Enterprise Firewall, MySQL Enterprise Audit, MySQL Workbench EE, MySQL Enterprise Monitor
  • 39. Conclusion
  • 40. Takeaway: MySQL Enterprise Security Architecture
      • Workbench
          • Model
          • Data
          • Audit Data
          • User Management
      • Enterprise Monitor
          • Identifies Vulnerabilities
          • Security hardening policies
          • Monitoring & Alerting
          • User Monitoring
          • Password Monitoring
          • Schema Change Monitoring
          • Backup Monitoring
      • Data Encryption
          • TDE
          • Encryption
          • PKI
      • Firewall
      • Key Vault
      • Enterprise Authentication
          • SSO - LDAP, AD, PAM
      • Network Encryption
      • Enterprise Audit
          • Powerful Rules Engine
      • Audit Vault
      • Strong Authentication
      • Access Controls
      • Assess
      • Prevent
      • Detect
      • Recover
      • Enterprise Backup
          • Encrypted
      • HA
          • InnoDB Cluster
      • Thread Pool
          • Attack minimization
  • 41. References
      • Home page EU GDPR – http://www.eugdpr.org/
      • MySQL Enterprise – https://www.mysql.com/products/enterprise/
      • MySQL PCI DSS – https://www.mysql.com/it/why-mysql/white-papers/mysql-pci-data-security-compliance/
      • MySQL Security Best Practices – https://www.mysql.com/it/why-mysql/presentations/mysql-security-best-practices/
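
The allow / block / detect model of slides 20 to 22, driven from SQL. This is an added example, not part of the original slides; it assumes MySQL Enterprise Firewall is installed with its account-profile interface, and the account hr_app@localhost and schema hr are constructed names.

```sql
-- Added example. Constructed names: account hr_app@localhost, schema hr.
-- The employee table and both SELECT statements come from slide 21.

-- 1. LEARN: record the statement patterns the application really sends.
CALL mysql.sp_set_firewall_mode('hr_app@localhost', 'RECORDING');

--    Run the application's normal workload as hr_app, for example:
--      SELECT * FROM employee WHERE id = 22;
--      SELECT * FROM employee WHERE id = 37;
--    Literal values are normalized away, so both statements produce the
--    same rule. The allowlist describes statement structure, not values.

-- 2. DETECT: stop learning. Every statement still executes, but statements
--    that match no rule are flagged as suspicious (slide 21, "Detect").
CALL mysql.sp_set_firewall_mode('hr_app@localhost', 'DETECTING');

-- 3. REVIEW the learned allowlist before enforcing it. Anything recorded
--    while a debugging session or hostile traffic was active is now
--    treated as approved, so read the rules instead of trusting them.
SELECT RULE
  FROM INFORMATION_SCHEMA.MYSQL_FIREWALL_WHITELIST
 WHERE USERHOST = 'hr_app@localhost';

SELECT USERHOST, MODE
  FROM INFORMATION_SCHEMA.MYSQL_FIREWALL_USERS;

-- 4. PROTECT: statements whose normalized form is not on the list are
--    rejected. "... WHERE id = 22" still runs. "... WHERE id = 22 OR 1 = 1"
--    has a different structure, matches no rule, and is blocked.
CALL mysql.sp_set_firewall_mode('hr_app@localhost', 'PROTECTING');

-- 5. MONITOR: counters for granted, denied and suspicious statements.
--    A rising denied count after a release usually means the application
--    gained a new query that was never recorded, not an attack.
SHOW GLOBAL STATUS LIKE 'Firewall_access%';
```

Because the allowlist is per account, the positive security model only holds if the application's account is not shared with ad hoc users whose queries would otherwise have to be recorded too.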
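
The role operations listed on slide 27, together with the atomic user-management DDL of slide 26, as statements for a MySQL 8.0 server. This is an added example, not part of the original slides; the schema hr, the role names, the accounts and the password placeholder are all constructed.

```sql
-- Added example. Constructed names: schema hr, roles hr_*, user alice.

-- Create roles and grant privileges to the roles, not to people.
CREATE ROLE 'hr_read', 'hr_write', 'hr_admin';
GRANT SELECT                 ON hr.* TO 'hr_read';
GRANT INSERT, UPDATE, DELETE ON hr.* TO 'hr_write';
GRANT CREATE, ALTER, DROP    ON hr.* TO 'hr_admin';

-- Grant roles to roles: hr_admin inherits everything below it.
GRANT 'hr_read', 'hr_write' TO 'hr_admin';

-- Grant roles to a user. The host part of the account limits where the
-- roles can be used from. Replace the placeholder password.
CREATE USER 'alice'@'10.0.0.%' IDENTIFIED BY '<PLACEHOLDER-PASSWORD>';
GRANT 'hr_read', 'hr_admin' TO 'alice'@'10.0.0.%';

-- Default role: what a new session gets without asking. Keeping the
-- default at read-only means elevated rights need an explicit SET ROLE.
SET DEFAULT ROLE 'hr_read' TO 'alice'@'10.0.0.%';

-- Inside alice's session: inspect, elevate for one task, drop back.
SELECT CURRENT_ROLE();
SET ROLE 'hr_admin';
SET ROLE DEFAULT;

-- Privilege analysis: effective grants with a given role active, and the
-- whole role graph as GraphML for review.
SHOW GRANTS FOR 'alice'@'10.0.0.%' USING 'hr_admin';
SELECT ROLES_GRAPHML();

-- Atomic user-management DDL (slide 26): 'ghost'@'%' does not exist, so
-- in MySQL 8.0 this statement fails as a whole and alice is NOT dropped.
-- No half-applied account changes are left behind.
DROP USER 'alice'@'10.0.0.%', 'ghost'@'%';
```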
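
The two-tier key architecture of slides 23 and 24, seen from the SQL side. This is an added example, not part of the original slides; it assumes a keyring plugin is already loaded at server start and that hr.employee (constructed name) is an InnoDB table.

```sql
-- Added example. Constructed names: schema hr, table employee.

-- 1. Confirm a keyring is active. It holds the master key outside the
--    database; without it, ENCRYPTION = 'Y' cannot be applied.
SELECT PLUGIN_NAME, PLUGIN_STATUS
  FROM INFORMATION_SCHEMA.PLUGINS
 WHERE PLUGIN_NAME LIKE 'keyring%';

-- 2. Encrypt the table. InnoDB generates a tablespace key, encrypts the
--    data pages with it, and stores that key encrypted by the master key.
ALTER TABLE hr.employee ENCRYPTION = 'Y';

-- 3. Audit: InnoDB tables in hr whose options do not show ENCRYPTION Y.
--    The "_" wildcards accept either quote style around the Y.
SELECT TABLE_NAME
  FROM INFORMATION_SCHEMA.TABLES
 WHERE TABLE_SCHEMA = 'hr'
   AND TABLE_TYPE   = 'BASE TABLE'
   AND ENGINE       = 'InnoDB'
   AND COALESCE(CREATE_OPTIONS, '') NOT LIKE '%ENCRYPTION=_Y_%';

-- 4. Rotate the master key. Only the tablespace keys are re-encrypted,
--    not the table data, which is why rotation is cheap enough to do on a
--    schedule or after staff with key-vault access leave.
ALTER INSTANCE ROTATE INNODB MASTER KEY;

-- TDE is transparent to SQL: any account with SELECT on hr.employee still
-- reads plain text. It addresses the file-level threat on slide 23, so it
-- complements roles and the firewall rather than replacing them.
```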