January 30, 2018
How to achieve PCI compliance for
MySQL & MariaDB with
ClusterControl
Laurent Blume & Vinay Joosery
Presenters
Copyright 2017 Severalnines AB
I'm Jean-Jérôme from the Severalnines Team and
I'm your host for today's webinar!
Feel free to ask any questions in the Questions
section of this application or via the Chat box.
You can also contact me directly via the chat box
or via email: jj@severalnines.com during or after
the webinar.
Your host & some logistics
About Severalnines and ClusterControl
What we do: Deploy, Monitor, Scale, Manage
What Problems do we Address?
Deploy
Deploy MySQL, Postgres or MongoDB - single
instances or entire clusters
Monitor
Get a unified view of all clusters across all your
data centers
Scale
Add/remove nodes, resize instances & clone
your production clusters
Manage
Automatically repair & recover broken nodes
or clusters. Test & automate upgrades
ClusterControl Platform
ClusterControl platform (diagram):
● CC clients: Web UI, s9s CLI, JSON RPC
● Notifications: Email, PagerDuty, VictorOps, OpsGenie, Slack, Telegram, Webhooks
● Load balancers: KeepAlived, HAProxy, ProxySQL, MaxScale
● Databases: Galera (MariaDB, Percona, Codership), Replication (MariaDB, Percona), MongoDB (MongoDB Inc, Percona), PostgreSQL
● Cloud, Backup, 24/7 Support
Deployment Features in ClusterControl
● Clusters can be deployed from scratch, and existing clusters can be imported.
● Web UI
○ Deployment Wizard
● CLI
○ Allows easy integration with e.g. Ansible
s9s cluster --create \
    --cluster-type=galera \
    --nodes='10.10.10.26;10.10.10.27;10.10.10.28' \
    --vendor=percona \
    --cluster-name=PXC_CENTOS7 \
    --provider-version=5.7 \
    --os-user=vagrant --wait
● Supports multiple NICs and templated
configurations.
Monitoring Features in ClusterControl
● Database-specific stats and health status
○ Graphs and dashboards
● Host statistics
○ e.g. predictive disk space usage monitoring
● Query monitoring
○ e.g. top queries, outlier detection
● Advisors
○ Developer Studio with a JavaScript-like syntax
● Notifications
○ Email, PagerDuty, VictorOps, etc.
● Operational reports
Management Features in ClusterControl
● Availability
○ Node/cluster recovery
● Backup and restore
○ MySQL: mysqldump, xtrabackup
○ Postgres: pg_dump, pg_basebackup
○ MongoDB: mongodump, MongoDB Consistent Backup
● Configuration
● Upgrades
● Load balancers
○ HAProxy, ProxySQL, MaxScale
○ KeepAlived
Supported Databases
Customers
Agenda
Today’s topics
● Introduction to the PCI-DSS standard
● The impact of PCI on database management
● Meeting PCI requirements for MySQL / MariaDB with
ClusterControl
● Conclusion
● Q&A
About me
Laurent Blume, Unix Systems Engineer & PCI-DSS implementer
Introduction to the PCI-DSS standard
Source: https://www.pcisecuritystandards.org/pci_security/maintaining_payment_security
What is PCI-DSS ?
● Managed by the PCI Security Standard Council, which was
founded by major payment card companies
● Set of technical & operational requirements to protect
cardholder data
● Governs all merchants and organizations that store, process or
transmit this data
What isn’t PCI-DSS ?
● Not set in stone
○ Version 3.2 (April 2016) currently in force
● Not a goal that can be reached then forgotten
○ Yearly reviews and audits
● Not a governmental regulation
○ Those also need to be respected (GDPR, …)
Applicable Data
● Everything revolves around the card number, aka the PAN
○ You may store it after a transaction, but it must be protected
● Sensitive authentication data used during the transaction must never be
stored after authorization (PIN, CVV, full track data, …)
Ref: https://www.pcisecuritystandards.org/pdfs/pci_fs_data_storage.pdf
Why comply?
● Required in order to accept credit cards
● A security breach has serious consequences
○ Regulatory notification
○ Fines
○ Litigation
○ Impacts your customers and reputation
Compliance Checks
● The same rules apply to every company handling card
information
● Merchant levels (set by transaction volume) define how compliance is checked
○ Minimum: an annual Self-Assessment Questionnaire plus quarterly
external vulnerability scans by an Approved Scanning Vendor
○ Maximum: an annual on-site audit by a Qualified Security
Assessor
https://pci.qualys.com/static/help/merchant/getting_started/pci_merchant_levels.htm
The Impact of PCI on Database
Management
Cardholder Data Environment (CDE)
● PCI-DSS applies to every single component inside the CDE
● That CDE must be precisely defined
● An isolated network can reduce the scope
Cardholder Data Environment (CDE)
● What’s inside the CDE:
○ Workstations
○ Application servers
○ Network equipment
○ Databases
○ ...
Cardholder Data Environment (CDE)
● The database is often the central element of the CDE
○ It contains sensitive data that must be protected
○ It sends and receives fresh data
○ It must be reachable, but only by authorized parties
(load balancers, application servers, …)
Procedures and Provability
● Doing things right: of course you must
● Proving you’re doing them right?
○ Not as obvious as you might think...
Procedures and Provability:
Making it easier
● Automation:
○ It takes time to set up, then it saves time
○ It makes sure an action done once is not forgotten the next time
○ It helps prove what you have been doing since the last time you
saw the auditor
Database environment is distributed
● You process card numbers?
● You need security
● It’s likely you also need reliability
○ Multiple servers
○ Multiple data centers
Single view/control of distributed environment
● In short, you need a cluster
○ Distributed database of identical nodes
○ Load balancers manage access to those nodes
○ Application clients use one connection string
○ Single view: all nodes as a single entity facilitates compliance
Meeting PCI Requirements for MySQL &
MariaDB with ClusterControl
PCI Data Security Standard - Overview
2. Do not use vendor-supplied defaults for
system passwords & other security parameters
● Set root password, disable remote root login
● Remove anonymous users/test database
● Automated via ClusterControl
○ Easily audited in the UI
● … more in our ‘10 Security Tips’ blog*
* https://severalnines.com/blog/ten-tips-how-achieve-mysql-and-mariadb-security
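What "set root password, disable remote root login, remove anonymous users/test database" comes down to on the server, as an added SQL example: it is not from the slides and it is not what ClusterControl runs internally, but it is the same set of changes mysql_secure_installation makes, written out so automation can apply them and an auditor can re-run the checks. Written for MySQL/Percona Server 5.7, the version the deployment example above targets; the password and host list are placeholders. On MariaDB 10.4 and later mysql.user is a view over mysql.global_priv, so use DROP USER there instead of deleting rows.

```sql
-- Added example (MySQL/Percona Server 5.7): hardening the vendor defaults.
-- Password and hosts are placeholders.

-- 1. root gets a strong password and exists only for local connections.
ALTER USER 'root'@'localhost' IDENTIFIED BY 'CHANGE-ME-to-a-long-random-passphrase';
DELETE FROM mysql.user
 WHERE User = 'root'
   AND Host NOT IN ('localhost', '127.0.0.1', '::1');

-- 2. No anonymous accounts, no world-accessible test schema.
DELETE FROM mysql.user WHERE User = '';
DROP DATABASE IF EXISTS test;
DELETE FROM mysql.db WHERE Db = 'test' OR Db = 'test\_%';   -- default grants on test*
FLUSH PRIVILEGES;

-- 3. Audit: every query below must return an empty set on a compliant node.
SELECT User, Host FROM mysql.user WHERE User = '';                        -- anonymous users
SELECT User, Host FROM mysql.user
 WHERE User = 'root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');   -- remote root
SELECT User, Host FROM mysql.user
 WHERE authentication_string = '' AND plugin = 'mysql_native_password';   -- empty passwords
SELECT Db, User, Host FROM mysql.db WHERE Db LIKE 'test%';                -- leftover test grants
SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME = 'test';

-- 4. Other vendor defaults worth changing in my.cnf (shown as comments, not SQL):
--   [mysqld]
--   local_infile = 0                          # LOAD DATA LOCAL reads files on the client host
--   symbolic-links = 0                        # no data files symlinked outside the datadir
--   secure_file_priv = /var/lib/mysql-files   # confine SELECT ... INTO OUTFILE / LOAD DATA
--   skip_show_database                        # SHOW DATABASES only with the privilege
```

The empty-password check deliberately filters on the plugin: accounts authenticated through auth_socket legitimately carry an empty authentication_string, and flagging them would only train people to ignore the report.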
3. Protect stored cardholder data
● Some fields must not be stored in any form
○ PIN, CVV2
● A stored PAN must be masked or encrypted
○ MySQL encryption functions
○ Transparent Data Encryption
● Ensure logs do not contain sensitive data
● ClusterControl
○ Helps you understand the database structure
○ Lets you inspect its logs
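One way to keep a stored PAN encrypted and masked with MySQL's own functions, as an added SQL example (not from the slides, not a ClusterControl feature). MySQL/Percona Server 5.7 syntax: AES_ENCRYPT with an explicit block mode and IV. MariaDB's AES_ENCRYPT only supported ECB with no IV argument until much later (11.2), so on MariaDB encrypt in the application or use its data-at-rest (tablespace) encryption instead. The cde schema, column names and keys are placeholders; the card number is the standard Visa test PAN.

```sql
-- Added example (MySQL/Percona Server 5.7): column-level encryption of the PAN,
-- a masked view for humans, and two audit queries. Names are placeholders.

-- The default AES_ENCRYPT mode is aes-128-ecb: identical PANs give identical
-- ciphertext, which leaks repeats across rows. Use a chained mode with a per-row IV.
SET SESSION block_encryption_mode = 'aes-256-cbc';

CREATE DATABASE IF NOT EXISTS cde;
CREATE TABLE IF NOT EXISTS cde.cards (
  card_id    BIGINT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
  pan_enc    VARBINARY(64)  NOT NULL,  -- AES-256-CBC ciphertext of the full PAN
  pan_iv     BINARY(16)     NOT NULL,  -- per-row IV, stored alongside the ciphertext
  pan_last4  CHAR(4)        NOT NULL,  -- the only digits ever displayed
  pan_token  BINARY(32)     NOT NULL,  -- keyed hash for "is this card already on file?"
  expires_ym CHAR(6)        NOT NULL
  -- No CVV2/CVC2, PIN or track-data columns: those may not be stored after authorization.
);

-- Keys belong in the application (KMS / keyring) and are bound as statement parameters.
-- They are session variables here only so the script runs in a client: a key or a PAN
-- written as a literal into SQL text ends up in the general/slow/audit log.
SET @dek      = UNHEX(SHA2('demo-only-data-encryption-key', 256));  -- 32 bytes -> AES-256
SET @hmac_key = UNHEX(SHA2('demo-only-token-key', 256));
SET @iv       = RANDOM_BYTES(16);
SET @pan      = '4111111111111111';  -- constructed input: the standard Visa test number

INSERT INTO cde.cards (pan_enc, pan_iv, pan_last4, pan_token, expires_ym)
VALUES (AES_ENCRYPT(@pan, @dek, @iv),
        @iv,
        RIGHT(@pan, 4),
        -- Keyed, so the token cannot be combined with pan_last4 to rebuild the PAN
        -- (PCI DSS 3.4: hashed and truncated versions must not be correlatable).
        UNHEX(SHA2(CONCAT(@hmac_key, @pan), 256)),
        '202512');

-- Only the payment service account decrypts; everyone else reads the masked view.
SELECT card_id, CAST(AES_DECRYPT(pan_enc, @dek, pan_iv) AS CHAR) AS pan
  FROM cde.cards WHERE card_id = 1;

CREATE OR REPLACE VIEW cde.cards_masked AS
SELECT card_id,
       CONCAT(REPEAT('*', 12), pan_last4) AS pan_masked,  -- first 6 / last 4 at most
       expires_ym
  FROM cde.cards;

-- Audit 1: the structure check. Any row is a candidate for manual review.
SELECT TABLE_SCHEMA, TABLE_NAME, COLUMN_NAME
  FROM information_schema.COLUMNS
 WHERE TABLE_SCHEMA NOT IN ('mysql', 'information_schema', 'performance_schema', 'sys')
   AND COLUMN_NAME REGEXP 'cvv|cvc|cav2|pin_block|track';

-- Audit 2: statement logs copy full SQL text, PAN literals included. Keep them off in
-- the CDE (or restricted and reviewed); the audit plugin of requirement 10 is the record.
SELECT @@general_log, @@slow_query_log, @@log_output;
```

Transparent Data Encryption (InnoDB tablespace encryption with a keyring plugin in MySQL 5.7, data-at-rest encryption in MariaDB 10.1+) protects the files on disk and in backups but not against anyone with a working SELECT grant; the column-level scheme above and the grants of requirement 7 are what limit that.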
4. Encrypt transmission of cardholder data
across open, public networks
● Set up TLS between database nodes
○ Replication traffic
● Set up TLS from application to database
● ClusterControl can set up the TLS
connections between nodes and for
database users
Example: Encrypting client/server traffic +
intra-cluster replication traffic
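What "TLS between nodes and for database users" looks like on MySQL/Percona Server 5.7, and how to prove it to an assessor, as an added SQL example. ClusterControl generates the certificates and writes the server settings when SSL is enabled from the UI; this block shows the resulting configuration so it can be verified, not ClusterControl's own code. Paths, hosts, the cde schema and passwords are placeholders.

```sql
-- Added example (MySQL/Percona Server 5.7): enforcing TLS for clients and replication.
-- Paths, hosts and passwords are placeholders.

-- Server side, my.cnf on every node (shown as comments):
--   [mysqld]
--   ssl_ca   = /etc/mysql/certs/ca.pem
--   ssl_cert = /etc/mysql/certs/server-cert.pem
--   ssl_key  = /etc/mysql/certs/server-key.pem
--   require_secure_transport = ON   # MySQL 5.7.8+ / MariaDB 10.5.2+: no plaintext TCP at all
--   # Galera: encrypt group communication (4567) and IST (4568); SST has its own [sst] settings
--   wsrep_provider_options = "socket.ssl_key=/etc/mysql/certs/server-key.pem;socket.ssl_cert=/etc/mysql/certs/server-cert.pem;socket.ssl_ca=/etc/mysql/certs/ca.pem"

-- Replication account: TLS mandatory, and only from the node subnet.
CREATE USER 'repl'@'10.10.10.%' IDENTIFIED BY 'CHANGE-ME' REQUIRE SSL;
GRANT REPLICATION SLAVE ON *.* TO 'repl'@'10.10.10.%';

-- Application account: TLS mandatory, and the client must present a cert from our CA.
CREATE USER 'app'@'10.10.10.%' IDENTIFIED BY 'CHANGE-ME'
  REQUIRE ISSUER '/CN=cde-internal-ca';
GRANT SELECT, INSERT, UPDATE ON cde.* TO 'app'@'10.10.10.%';

-- Asynchronous replica (MySQL replication rather than Galera): encrypt the channel and
-- verify the master's certificate, otherwise an on-path attacker can still strip TLS.
-- The certificate CN must match MASTER_HOST for the verification to pass.
CHANGE MASTER TO
  MASTER_HOST = '10.10.10.26',
  MASTER_USER = 'repl', MASTER_PASSWORD = 'CHANGE-ME',
  MASTER_SSL = 1,
  MASTER_SSL_CA = '/etc/mysql/certs/ca.pem',
  MASTER_SSL_VERIFY_SERVER_CERT = 1;
START SLAVE;

-- Evidence: TLS available, enforced, and in use by this session.
SHOW GLOBAL VARIABLES LIKE 'have_ssl';                  -- must be YES
SHOW GLOBAL VARIABLES LIKE 'require_secure_transport';  -- must be ON
SHOW SESSION STATUS LIKE 'Ssl_cipher';                  -- must not be empty
SHOW SLAVE STATUS;                                      -- Master_SSL_Allowed must be Yes

-- Any connection still in the clear right now? An empty result is expected.
-- (performance_schema.status_by_thread exists from MySQL 5.7.6.)
SELECT t.PROCESSLIST_ID, t.PROCESSLIST_USER, t.PROCESSLIST_HOST
  FROM performance_schema.threads t
  JOIN performance_schema.status_by_thread s ON s.THREAD_ID = t.THREAD_ID
 WHERE s.VARIABLE_NAME = 'Ssl_cipher'
   AND s.VARIABLE_VALUE = ''
   AND t.PROCESSLIST_USER IS NOT NULL;
```

require_secure_transport is the setting that turns "TLS is available" into "TLS is enforced"; without it a client that omits --ssl-mode (or an account created without REQUIRE SSL) silently falls back to plaintext on the same port, which is exactly what the last query is there to catch.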
6. Develop & maintain secure systems &
applications
● Track
○ what is running in production
○ vulnerabilities and current risk level
● Patch
○ any critical vulnerability within a month
○ non-critical ones within 3 months
● Separate dev and staging environments
Upgrade Report
from ClusterControl
Automate upgrades via ClusterControl
● Makes database upgrades simpler:
○ Each node is upgraded in turn without service
interruption
○ After the database binaries are upgraded, the system tables and
schema are updated by the upgrade script (mysql_upgrade)
● Makes system upgrades simpler
○ After the OS is updated (yum upgrade, …), each node
can be rebooted in sequence
● No service interruption during upgrades, as long as enough nodes
stay up to hold quorum
ClusterControl is built on standard building blocks
● ClusterControl uses Apache, PHP and ssh from standard
Linux distributions
● Easier for Severalnines developers to follow industry
best practices
● Easier for end users to deploy, manage and patch using
standard tools: the ClusterControl host is itself a CDE component and
receives the distribution's security updates like any other
7. Restrict access to cardholder data by business
need to know
● The root account is used only from localhost
● Administrators manage the DB but do not
access its content
● A developer account defines the DB structure
● Service accounts access the content, are used
only by the application and are limited to its needs
● Least-privilege model
● Accounts and privileges can be audited in
ClusterControl across environments:
development, staging, production
8. Identify & authenticate access to system
components
● View of all granted users + permissions
● Control addition/deletion of user IDs
● No shared IDs: one account per person
● ClusterControl
○ shows all database user accounts at a
glance
○ can use LDAP for its own access control
User Mgmt: Single view
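The account model of requirement 7 in SQL, plus the audit queries behind requirement 8's "view of all granted users + permissions", as one added example (not from the slides; ClusterControl's user management UI presents this information, but these are not its queries). MySQL/Percona Server 5.7 syntax. Names, subnets and passwords are placeholders, and a cde schema with tables cards and orders and a view cards_masked is assumed to exist.

```sql
-- Added example (MySQL/Percona Server 5.7): least-privilege accounts and their audit.
-- Names, subnets, passwords and the cde schema are placeholders/assumptions.

-- root: stays, local only (see requirement 2). Nobody logs in as root day to day.

-- Administrators: one account per person (8.1.1, no shared IDs), can run the server,
-- no SELECT on data. Caveat: in MySQL, SUPER, FILE and GRANT OPTION each give an
-- indirect path to the data, so keep them off these accounts and let the audit log
-- (requirement 10) cover what privileges cannot.
CREATE USER 'alice'@'localhost' IDENTIFIED BY 'CHANGE-ME' REQUIRE SSL;
CREATE USER 'bob'@'localhost'   IDENTIFIED BY 'CHANGE-ME' REQUIRE SSL;
GRANT PROCESS, RELOAD, REPLICATION CLIENT, SHOW DATABASES, SHUTDOWN
   ON *.* TO 'alice'@'localhost', 'bob'@'localhost';

-- Developer: owns the structure, not the rows, and exists only in dev/staging,
-- never on production nodes.
CREATE USER 'dev'@'10.10.20.%' IDENTIFIED BY 'CHANGE-ME' REQUIRE SSL;
GRANT CREATE, ALTER, DROP, INDEX, REFERENCES, CREATE VIEW, SHOW VIEW
   ON cde.* TO 'dev'@'10.10.20.%';

-- Service account: exactly the DML the application issues, from the app/LB subnet only.
CREATE USER 'payments'@'10.10.10.%' IDENTIFIED BY 'CHANGE-ME' REQUIRE SSL;
GRANT SELECT, INSERT         ON cde.cards  TO 'payments'@'10.10.10.%';
GRANT SELECT, INSERT, UPDATE ON cde.orders TO 'payments'@'10.10.10.%';

-- Support staff: masked data only, through the view.
CREATE USER 'carol'@'10.10.30.%' IDENTIFIED BY 'CHANGE-ME' REQUIRE SSL;
GRANT SELECT ON cde.cards_masked TO 'carol'@'10.10.30.%';

-- Audit queries. (a)-(c) are findings if they return anything beyond root@localhost
-- and the built-in mysql.session / mysql.sys accounts of 5.7.

-- (a) global data or administrative privileges
SELECT User, Host FROM mysql.user
 WHERE (Select_priv = 'Y' OR Insert_priv = 'Y' OR Super_priv = 'Y'
        OR File_priv = 'Y' OR Grant_priv = 'Y')
   AND NOT (User = 'root' AND Host = 'localhost')
   AND User NOT IN ('mysql.session', 'mysql.sys');

-- (b) accounts reachable from any host
SELECT User, Host FROM mysql.user WHERE Host IN ('%', '');

-- (c) accounts not forced onto TLS (requirement 4)
SELECT User, Host FROM mysql.user WHERE ssl_type = '';

-- (d) the complete grant inventory: the artefact for the evidence file
SELECT GRANTEE, PRIVILEGE_TYPE AS privilege, IS_GRANTABLE
  FROM information_schema.USER_PRIVILEGES WHERE PRIVILEGE_TYPE <> 'USAGE'
UNION ALL
SELECT GRANTEE, CONCAT(PRIVILEGE_TYPE, ' ON ', TABLE_SCHEMA), IS_GRANTABLE
  FROM information_schema.SCHEMA_PRIVILEGES
UNION ALL
SELECT GRANTEE, CONCAT(PRIVILEGE_TYPE, ' ON ', TABLE_SCHEMA, '.', TABLE_NAME), IS_GRANTABLE
  FROM information_schema.TABLE_PRIVILEGES
 ORDER BY GRANTEE, privilege;
```

Query (d) is the one to run on every environment and diff between staging and production: a grant that exists only in production is either an undocumented change or the remnant of a manual fix, and both are what the assessor will ask about.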
10. Track & monitor all access to network
resources & cardholder data
● ClusterControl keeps
○ an audit trail of management actions
○ and can forward its logs to a remote syslog server
● At the database level, use the audit plugins: the MariaDB Audit Plugin
(server_audit) and Percona's audit_log, which record connections and queries
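Turning on database-level audit logging and shipping it to the remote syslog server, as an added example (not from the slides). The statements are for MariaDB's server_audit plugin and run in a client; the Percona audit_log equivalent is shown as comments because most of its variables are read-only and belong in my.cnf. The excluded monitoring account name and the syslog identifiers are placeholders.

```sql
-- Added example: MariaDB Audit Plugin (server_audit) configured for a CDE node.
-- 'monitor' (the monitoring account) and the syslog ident are placeholders.

-- Load the plugin and lock it in, so a DBA cannot UNINSTALL it at runtime:
--   my.cnf:  plugin_load_add = server_audit
--            server_audit    = FORCE_PLUS_PERMANENT
INSTALL SONAME 'server_audit';

-- Who connected, every DDL and grant change, and which tables each user touched.
-- Adding QUERY would also record every SELECT with its full text (see requirement 3).
SET GLOBAL server_audit_events          = 'CONNECT,QUERY_DDL,QUERY_DCL,TABLE';
SET GLOBAL server_audit_excl_users      = 'monitor';      -- drop monitoring noise only
SET GLOBAL server_audit_output_type     = 'syslog';       -- off-box copy (requirement 10.5.3)
SET GLOBAL server_audit_syslog_facility = 'LOG_LOCAL6';
SET GLOBAL server_audit_syslog_ident    = 'mariadb-audit';
SET GLOBAL server_audit_logging         = ON;

-- Verify: plugin active and permanent, logging on, no failed writes.
SELECT PLUGIN_NAME, PLUGIN_STATUS, LOAD_OPTION
  FROM information_schema.PLUGINS WHERE PLUGIN_NAME = 'SERVER_AUDIT';
SHOW GLOBAL VARIABLES LIKE 'server_audit%';
SHOW GLOBAL STATUS LIKE 'Server_audit%';   -- Server_audit_active, Server_audit_writes_failed

-- Percona Server 5.7 equivalent (my.cnf; format and handler are not dynamic):
--   [mysqld]
--   plugin_load                = audit_log=audit_log.so
--   audit_log_policy           = ALL          # or LOGINS / QUERIES
--   audit_log_format           = JSON
--   audit_log_handler          = SYSLOG
--   audit_log_syslog_ident     = percona-audit
--   audit_log_exclude_accounts = monitor@localhost
-- then: SELECT PLUGIN_STATUS FROM information_schema.PLUGINS WHERE PLUGIN_NAME = 'audit_log';
```

Two details matter for requirement 10.5 (protect audit trails): FORCE_PLUS_PERMANENT keeps the plugin from being unloaded by the same administrators it is recording, and syslog output puts the copy on a host those administrators do not control. A local audit file that the DBA can edit is a log, but not evidence.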
1. Install & maintain a firewall configuration to
protect cardholder data
● Each data flow is either explicitly allowed or
blocked
● Limit incoming/outgoing connections to
what is absolutely needed: clients reach the database only through
the load balancers, the MySQL port (3306) is open only to them and
to the nodes, and the Galera ports (4567 replication, 4568 IST,
4444 SST) only between the nodes
5. Protect all systems against malware & regularly
update anti-virus software or programmes
● Understand impact on database performance
● Can create false positives on certain file formats
● ClusterControl can’t help with that :)
9. Restrict physical access to cardholder data
● Not directly applicable to ClusterControl
11. Regularly test security systems and processes
● ClusterControl itself is in scope and will be scanned
● It is treated like any other web application,
without adding an extra burden
● It helps keep the database side up to date
12. Maintain an information security policy for all
personnel
● Last but not least, and often overlooked:
technology matters, but people stay in
charge
● Streamline the management of the
database environment via ClusterControl
● Management actions performed via UI
Conclusion
An ongoing process
● Payment card security is not a fixed goal
● The PCI standard is revised regularly
○ Announced last week: PCI SPoC*
● Environments must evolve with the changes
* https://www.pcisecuritystandards.org/pdfs/SPOC_Press_Release_24_Jan.pdf
Making Compliance less time consuming
● MySQL/MariaDB defaults were not designed for modern security requirements
● Reaching compliance for an existing environment can be
overwhelming
● Leverage reliable database tools to take care of the crucial parts
● Automate and manage your MySQL & MariaDB databases
with ClusterControl
Secure DB Setup with ClusterControl
● A simple example of a CDE with
ClusterControl
Q&A
Additional Resources
● White paper: How to achieve PCI compliance for MySQL
& MariaDB with ClusterControl
● ClusterControl in Financial Technology
● Download ClusterControl
● Contact us: info@severalnines.com
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
fovkoyb
 
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
k4ncd0z
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
uehowe
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
uehowe
 
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
bseovas
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
Laura Szabó
 
Search Result Showing My Post is Now Buried
Search Result Showing My Post is Now BuriedSearch Result Showing My Post is Now Buried
Search Result Showing My Post is Now Buried
Trish Parr
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
ysasp1
 
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
cuobya
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
Toptal Tech
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
xjq03c34
 
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
vmemo1
 

Recently uploaded (20)

Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
 
Design Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptxDesign Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptx
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
 
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
 
7 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 20247 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 2024
 
HijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process HollowingHijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process Hollowing
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
 
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
 
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
 
Search Result Showing My Post is Now Buried
Search Result Showing My Post is Now BuriedSearch Result Showing My Post is Now Buried
Search Result Showing My Post is Now Buried
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
 
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
 
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
 

Webinar slides: How to Achieve PCI Compliance for MySQL & MariaDB with ClusterControl

• 8. Monitoring Features in ClusterControl
Copyright 2017 Severalnines AB
● Database-specific stats and health status
○ Graphs and dashboards
● Host statistics
○ E.g. predictive disk space usage monitoring
● Query monitoring
○ E.g. top queries, outlier detection
● Advisors
○ Developer Studio with JS-like syntax
● Notifications
○ Email, PagerDuty, VictorOps, etc.
● Operational reports
• 9. Management Features in ClusterControl
● Availability
○ Node/cluster recovery
● Backup and restore
○ MySQL: mysqldump, xtrabackup
○ Postgres: pg_dump, pg_basebackup
○ MongoDB: mongodump, MongoDB Consistent Backup
● Configuration
● Upgrades
● Load balancers
○ HAProxy, ProxySQL, MaxScale
○ Keepalived
• 10. Supported Databases
• 12. Agenda
• 13. Today's topics
● Introduction to the PCI-DSS standard
● The impact of PCI on database management
● Meeting PCI requirements for MySQL / MariaDB with ClusterControl
● Conclusion
● Q&A
• 14. About me
Laurent Blume, Unix Systems Engineer & PCI-DSS implementer
• 15. Introduction to the PCI-DSS standard
• 16. (Image) Source: https://www.pcisecuritystandards.org/pci_security/maintaining_payment_security
• 17. What is PCI-DSS?
● Managed by the PCI Security Standards Council, which was founded by the major payment card brands
● A set of technical and operational requirements to protect cardholder data
● Governs all merchants and organizations that store, process or transmit this data
• 18. What isn't PCI-DSS?
● Not set in stone
○ Version 3.2 (April 2016) currently in force
● Not a goal that can be reached and then forgotten
○ Yearly reviews and audits
● Not a governmental regulation
○ Those also need to be respected (GDPR, …)
• 19. Applicable data
● Everything revolves around the card number, a.k.a. the PAN
○ You may store it after a transaction, but it needs protection
● Other elements used during the transaction must never be stored after authorization (PIN, CVV, …)
Ref: https://www.pcisecuritystandards.org/pdfs/pci_fs_data_storage.pdf
• 20. Why comply?
● Required in order to accept payment cards
● A security breach has serious consequences
○ Regulatory notification
○ Fines
○ Litigation
○ Impact on your customers and your reputation
• 21. Compliance checks
● The same rules apply to every company handling card information
● Merchant levels define how compliance is checked
○ Minimum: an annual Self-Assessment Questionnaire plus network vulnerability scans
○ Maximum: an annual on-site audit by a Qualified Security Assessor
https://pci.qualys.com/static/help/merchant/getting_started/pci_merchant_levels.htm
• 22. The Impact of PCI on Database Management
• 23. Cardholder Data Environment (CDE)
● PCI-DSS applies to every single component inside the CDE
● The CDE must be precisely defined
● An isolated (segmented) network can reduce the scope
• 24. Cardholder Data Environment (CDE)
● What's inside the CDE:
○ Workstations
○ Application servers
○ Network equipment
○ Databases
○ ...
• 25. Cardholder Data Environment (CDE)
● The database is often the central element of the CDE
○ It contains sensitive data that must be protected
○ It sends and receives fresh data
○ It must be reachable, but only by authorized parties (load balancers, application servers, …)
• 26. Procedures and Provability
● Doing things right: of course you must
● Proving you're doing them right?
○ Not as obvious as you might think...
• 27. Procedures and Provability: Making it easier
● Automation:
○ It takes time to set up, then it saves time
○ It helps make sure an action done once will not be forgotten next time
○ It helps prove what you have been doing since the auditor's last visit
• 28. The database environment is distributed
● You process card numbers?
● You need security
● You most likely also need reliability
○ Multiple servers
○ Multiple data centers
• 29. Single view/control of a distributed environment
● In short, you need a cluster
○ Distributed database of identical nodes
○ Load balancers manage access to those nodes
○ Application clients use one connection string
○ Single view: treating all nodes as a single entity facilitates compliance
• 30. Meeting PCI Requirements for MySQL & MariaDB with ClusterControl
• 31. PCI Data Security Standard - Overview
• 32. 2. Do not use vendor-supplied defaults for system passwords & other security parameters
● Set the root password, disable remote root login
● Remove anonymous users and the test database
● Automated via ClusterControl
○ Easily audited in the UI
● … more in our '10 Security Tips' blog*
* https://severalnines.com/blog/ten-tips-how-achieve-mysql-and-mariadb-security
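The checks behind these bullets, written out as SQL a DBA can run on each node. This is an added example, not the slide's content and not ClusterControl's own automation; it uses MySQL 5.7 syntax (the anonymous-user hosts, the root host and the placeholder password are illustrative, and MariaDB's mysql.user also carries a legacy Password column that the empty-password check should include).

```sql
-- Added example: audit and remove vendor defaults (PCI DSS Req. 2).
-- MySQL 5.7 syntax; mysql.user is a view on MariaDB >= 10.4 but still
-- answers these queries.

-- 1. Anonymous accounts: any row with an empty user name.
SELECT user, host FROM mysql.user WHERE user = '';

-- 2. root reachable from anywhere other than the local host.
SELECT user, host
  FROM mysql.user
 WHERE user = 'root'
   AND host NOT IN ('localhost', '127.0.0.1', '::1');

-- 3. Accounts that still have no password (native auth, empty hash).
--    Socket-authenticated accounts (plugin = unix_socket/auth_socket)
--    are excluded on purpose; on MariaDB also test Password = ''.
SELECT user, host, plugin
  FROM mysql.user
 WHERE authentication_string = ''
   AND plugin IN ('', 'mysql_native_password');

-- 4. The sample 'test' database, and the default row in mysql.db that
--    lets every account use any database named test or test_%.
SHOW DATABASES LIKE 'test%';
SELECT host, db, user FROM mysql.db WHERE db LIKE 'test%';

-- Remediation: the same steps mysql_secure_installation performs.
DROP USER IF EXISTS ''@'localhost';   -- repeat for each anonymous row found
DROP USER IF EXISTS 'root'@'%';       -- repeat for each non-local root host
ALTER USER 'root'@'localhost' IDENTIFIED BY 'placeholder-store-real-value-in-a-vault';
DROP DATABASE IF EXISTS test;
DELETE FROM mysql.db WHERE db LIKE 'test%';
FLUSH PRIVILEGES;

-- Other "security parameters" with permissive defaults. Dynamic ones can
-- be changed live; persist them in my.cnf too, or a restart reverts them.
SET GLOBAL local_infile = OFF;        -- blocks LOAD DATA LOCAL from clients
```

Rerun the four SELECTs after remediation and keep the empty result sets: that is the evidence the auditor will ask for, and it is what the ClusterControl UI surfaces for the same checks.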
• 33. 3. Protect stored cardholder data
● Some fields must never be stored after authorization, in any form
○ PIN, CVV2
● A stored PAN must be rendered unreadable (truncation, tokenization or strong encryption) and masked whenever it is displayed
○ MySQL encryption functions
○ Transparent Data Encryption
● Ensure logs do not contain sensitive data
● ClusterControl
○ Helps understand the database structure
○ Lets you check the logs
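A worked version of the "MySQL encryption functions" bullet, added here as an example rather than taken from the slides: a vault table that stores only what PCI allows, the PAN encrypted with AES-256-CBC and a per-row IV, a masked view for display, and the log-leakage caveat the slide's last bullet points at. MySQL 5.7 syntax; MariaDB only accepts the IV argument to AES_ENCRYPT from 11.2 and has RANDOM_BYTES from 10.10. Schema, table and key material are illustrative.

```sql
-- Added example: PAN unreadable at rest (Req. 3.4), masked on display
-- (Req. 3.3: at most first six and last four digits). MySQL 5.7 syntax.

CREATE DATABASE IF NOT EXISTS payments;
CREATE TABLE IF NOT EXISTS payments.card_vault (
  token     BINARY(16)    NOT NULL PRIMARY KEY, -- reference stored by the rest of the system
  pan_enc   VARBINARY(48) NOT NULL,             -- AES-256-CBC ciphertext of the full PAN
  pan_iv    BINARY(16)    NOT NULL,             -- per-row random IV
  pan_bin   CHAR(6)       NOT NULL,             -- first six digits, allowed in clear
  pan_last4 CHAR(4)       NOT NULL,             -- last four digits, allowed in clear
  expiry    CHAR(4)       NOT NULL              -- MMYY; not sensitive authentication data
  -- Deliberately no column for PIN, PIN block, CVV2 or full track data:
  -- those must never be stored after authorization.
);

-- AES-256 in CBC mode with an explicit IV rather than the default ECB.
SET SESSION block_encryption_mode = 'aes-256-cbc';

-- Key caveat: the SET below, and every statement that uses @k, is written
-- to the general log, to an audit plugin's log and (as a User_var event)
-- to a statement-based binlog. That is exactly how a key or a PAN ends up
-- in "logs that contain sensitive data". In production the encryption
-- therefore happens in the application or via TDE, and keys never appear
-- in SQL. The key material here is a constructed placeholder.
SET @k   = UNHEX(SHA2('placeholder-key-material-from-the-hsm', 256));
SET @iv  = RANDOM_BYTES(16);
SET @pan = '4111111111111111';  -- the well-known Visa test number, not a real card

INSERT INTO payments.card_vault (token, pan_enc, pan_iv, pan_bin, pan_last4, expiry)
VALUES (RANDOM_BYTES(16), AES_ENCRYPT(@pan, @k, @iv), @iv,
        LEFT(@pan, 6), RIGHT(@pan, 4), '1225');

-- What a front end or support tool may show: masked, and no key needed.
-- (Six stars assumes a 16-digit PAN; derive the count for 13-19 digits.)
SELECT HEX(token) AS token,
       CONCAT(pan_bin, REPEAT('*', 6), pan_last4) AS pan_masked,
       expiry
  FROM payments.card_vault;

-- What only the settlement job may do: recover the clear PAN.
SELECT CAST(AES_DECRYPT(pan_enc, @k, pan_iv) AS CHAR) AS pan
  FROM payments.card_vault
 WHERE pan_last4 = '1111';
```

Because pan_bin and pan_last4 are stored in clear, the display query never needs the key, which keeps key use confined to the one process that actually settles transactions.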
• 34. 4. Encrypt transmission of cardholder data across open, public networks
● Set up TLS between database nodes
○ Replication traffic
● Set up TLS from application to database
● ClusterControl can set up TLS between nodes and for client connections
• 35. Example: Encrypting client/server traffic + intra-cluster replication traffic
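What the screenshot above configures, expressed as the SQL you would use to verify and enforce it by hand. This is an added example, not the slide's content or ClusterControl's code; MySQL 5.7 syntax (MariaDB has the same REQUIRE clauses and gained require_secure_transport in 10.5.2), with illustrative account names, subnets and certificate paths.

```sql
-- Added example: check and enforce TLS for client and replication
-- traffic (PCI DSS Req. 4). MySQL 5.7 syntax.

-- 1. Is TLS configured on this node? have_ssl must be YES and the three
--    certificate variables must point at real files.
SHOW GLOBAL VARIABLES
 WHERE Variable_name IN ('have_ssl', 'ssl_ca', 'ssl_cert', 'ssl_key',
                         'tls_version', 'require_secure_transport');

-- 2. Who is connected in the clear right now? An empty Ssl_cipher means
--    a plaintext session. (MySQL 5.7+, performance_schema enabled.)
SELECT t.processlist_user AS user,
       t.processlist_host AS client,
       s.variable_value   AS cipher
  FROM performance_schema.threads t
  JOIN performance_schema.status_by_thread s ON s.thread_id = t.thread_id
 WHERE t.type = 'FOREGROUND'
   AND t.processlist_user IS NOT NULL
   AND s.variable_name = 'Ssl_cipher'
 ORDER BY cipher, user;

-- 3. Per-account enforcement. REQUIRE SSL demands an encrypted session;
--    REQUIRE X509 additionally demands a client certificate signed by the
--    server's CA, a sensible choice for administrative accounts.
ALTER USER 'app'@'10.10.10.%' REQUIRE SSL;
ALTER USER 'dba'@'10.10.20.%' REQUIRE X509;

-- 4. Server-wide enforcement: every TCP connection must use TLS. Local
--    Unix-socket connections stay allowed. Persist in my.cnf as well.
SET GLOBAL require_secure_transport = ON;

-- 5. Asynchronous replication: make the replica refuse a plaintext link
--    and verify the primary's certificate. (Galera replication traffic is
--    encrypted separately, through the socket.ssl_* wsrep_provider_options.)
STOP SLAVE;
CHANGE MASTER TO MASTER_SSL = 1,
                 MASTER_SSL_CA = '/etc/mysql/certs/ca.pem',
                 MASTER_SSL_VERIFY_SERVER_CERT = 1;
START SLAVE;

-- 6. From a freshly reconnected client: a non-empty value means the
--    session is encrypted.
SHOW SESSION STATUS LIKE 'Ssl_cipher';
```

Run query 2 before flipping require_secure_transport; any application that shows up with an empty cipher will be locked out the moment the switch is on.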
• 36. 6. Develop & maintain secure systems & applications
● Track
○ what is running in production
○ vulnerabilities and the current risk level
● Patch
○ critical vulnerabilities within a month
○ non-critical ones within three months
● Keep development and staging environments separate from production
• 38. Automate upgrades via ClusterControl
● Makes database upgrades simpler:
○ Each node is upgraded in turn, without service interruption
○ After the database binaries are upgraded, the system schema is updated by the upgrade script (mysql_upgrade)
● Makes system upgrades simpler
○ After the OS is updated (yum upgrade, …), each node can be rebooted in sequence
● No service interruption during upgrades
• 39. Automate upgrades via ClusterControl
• 40. ClusterControl built on standard bricks
● ClusterControl uses Apache, PHP and SSH from standard Linux distributions
● Easier for Severalnines developers to follow industry best practices
● Easier for end users to deploy and manage using standard tools
• 41. 7. Restrict access to cardholder data by business need to know
● Root account accessed from localhost only
● Administrator manages the database but does not access its content
● Developer account defines the database structure
● Service accounts access the content, used only by the application and limited to its needs
● Least-privilege model
● Accounts and privileges can be audited in ClusterControl across environments: development, staging, production
• 42. 8. Identify & authenticate access to system components
● View of all granted users and their permissions
● Control the addition/deletion of user IDs
● No shared IDs
● ClusterControl
○ shows all database user accounts at a glance
○ can use LDAP for its own access control
• 43. User Mgmt: Single view
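The account model from slide 41 and the inventory view from slide 42, as an added SQL example (not the slides' content and not what ClusterControl generates). MySQL 5.7 syntax; database, table, subnet and account names are illustrative and the passwords are placeholders. The small vault table at the top exists only so the column-level grants below resolve.

```sql
-- Added example: least-privilege accounts (Req. 7) and account inventory
-- (Req. 8). MySQL 5.7 syntax.

-- Minimal vault table so the grants below have something to bind to.
CREATE DATABASE IF NOT EXISTS payments;
CREATE TABLE IF NOT EXISTS payments.card_vault (
  token BINARY(16) PRIMARY KEY, pan_enc VARBINARY(48), pan_iv BINARY(16),
  pan_bin CHAR(6), pan_last4 CHAR(4), expiry CHAR(4));

-- Root: local host only (removing the other root@<host> rows is Req. 2).

-- Administrator: runs the server and takes backups, no SELECT on card
-- tables. Caveat: a backup tool such as xtrabackup reads the data files
-- at OS level, so "does not access content" is only enforceable together
-- with encryption at rest and an audit trail of admin actions.
CREATE USER 'dba'@'localhost' IDENTIFIED BY 'placeholder-dba'
  PASSWORD EXPIRE INTERVAL 90 DAY;
GRANT RELOAD, PROCESS, SHOW DATABASES, REPLICATION CLIENT, LOCK TABLES
   ON *.* TO 'dba'@'localhost';

-- Developer: DDL on the payments schema, no row access.
CREATE USER 'schema_dev'@'10.10.20.%' IDENTIFIED BY 'placeholder-dev'
  REQUIRE SSL PASSWORD EXPIRE INTERVAL 90 DAY;
GRANT CREATE, ALTER, DROP, INDEX, REFERENCES, CREATE VIEW, SHOW VIEW
   ON payments.* TO 'schema_dev'@'10.10.20.%';

-- Service account for the application tier: DML only, only the columns
-- it needs (never the ciphertext), only from the application subnet.
CREATE USER 'app'@'10.10.10.%' IDENTIFIED BY 'placeholder-app'
  REQUIRE SSL PASSWORD EXPIRE INTERVAL 90 DAY;
GRANT SELECT (token, pan_bin, pan_last4, expiry), INSERT
   ON payments.card_vault TO 'app'@'10.10.10.%';

-- Separate service account for settlement: the only one that may read
-- the ciphertext and IV.
CREATE USER 'settle'@'10.10.30.%' IDENTIFIED BY 'placeholder-settle'
  REQUIRE SSL PASSWORD EXPIRE INTERVAL 90 DAY;
GRANT SELECT (token, pan_enc, pan_iv)
   ON payments.card_vault TO 'settle'@'10.10.30.%';

-- Inventory (slide 42): every account, its auth plugin, whether TLS is
-- required, and whether it is expired or locked.
SELECT user, host, plugin, ssl_type, password_expired, account_locked
  FROM mysql.user
 ORDER BY user, host;

-- All privileges as one flat list, convenient for diffing development,
-- staging and production clusters.
SELECT grantee, 'GLOBAL' AS scope, privilege_type
  FROM information_schema.user_privileges
UNION ALL
SELECT grantee, table_schema, privilege_type
  FROM information_schema.schema_privileges
UNION ALL
SELECT grantee, CONCAT(table_schema, '.', table_name), privilege_type
  FROM information_schema.table_privileges
UNION ALL
SELECT grantee, CONCAT(table_schema, '.', table_name, '.', column_name), privilege_type
  FROM information_schema.column_privileges
ORDER BY grantee, scope;

-- "No shared IDs": an account connecting from more client hosts than its
-- tier has machines is being shared, or its host mask is too wide.
-- (SUBSTRING_INDEX strips the :port suffix; IPv4 client hosts assumed.)
SELECT user, SUBSTRING_INDEX(host, ':', 1) AS client, COUNT(*) AS sessions
  FROM information_schema.processlist
 WHERE user NOT IN ('system user', 'event_scheduler')
 GROUP BY user, client
 ORDER BY user, client;
```

The three inventory queries are the textual equivalent of the single-view screen above: run them on each cluster and keep the output with the change tickets, and the "who has access to what" question at audit time answers itself.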
• 44. 10. Track & monitor all access to network resources & cardholder data
● ClusterControl keeps
○ an audit trail of management access
○ logs to a remote syslog server
● Audit plugins from MariaDB and Percona
• 45-47. 10. Track & monitor all access to network resources & cardholder data (screenshots)
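How the two audit plugins named on slide 44 are switched on and pointed at a remote syslog, as an added example (not the slides' content and not ClusterControl's configuration). The MariaDB part targets the Server Audit plugin shipped with MariaDB 10.x, the Percona part the audit_log plugin in Percona Server 5.7; the event selection and syslog facility are choices an assessor would expect, not defaults.

```sql
-- Added example: database audit logging off-host (PCI DSS Req. 10).

-- MariaDB Server Audit plugin
INSTALL SONAME 'server_audit';
SET GLOBAL server_audit_logging         = ON;
SET GLOBAL server_audit_output_type     = 'syslog';      -- off-host trail
SET GLOBAL server_audit_syslog_facility = 'LOG_LOCAL6';  -- route on the syslog server
-- CONNECT: logins/logouts and failures. QUERY_DDL/QUERY_DCL: schema and
-- privilege changes with statement text. TABLE: which tables were read
-- or written, *without* statement text, so a PAN inside an INSERT
-- literal never reaches the audit log (slide 33: logs must not contain
-- sensitive data). Choose QUERY_DML instead only if full statement text
-- is required and the log itself is protected as cardholder data.
SET GLOBAL server_audit_events = 'CONNECT,QUERY_DDL,QUERY_DCL,TABLE';

-- Persist the same settings in my.cnf so a restart does not lose them
-- and so the plugin cannot be uninstalled by an administrator:
--   [mariadb]
--   plugin_load_add          = server_audit
--   server_audit             = FORCE_PLUS_PERMANENT
--   server_audit_logging     = ON
--   server_audit_output_type = syslog
--   server_audit_events      = CONNECT,QUERY_DDL,QUERY_DCL,TABLE

-- Health of the trail: Server_audit_active must be ON and
-- Server_audit_writes_failed must stay at 0 (alert if it grows).
SHOW GLOBAL VARIABLES LIKE 'server_audit%';
SHOW GLOBAL STATUS    LIKE 'server_audit%';

-- Percona Server audit_log plugin (Percona Server 5.7)
-- audit_log_format and audit_log_handler are read when the plugin loads,
-- so set them in my.cnf first:
--   [mysqld]
--   audit_log_format  = JSON
--   audit_log_handler = SYSLOG
INSTALL PLUGIN audit_log SONAME 'audit_log.so';
SET GLOBAL audit_log_policy = 'ALL';   -- LOGINS | QUERIES | ALL | NONE
-- Note: this plugin logs statement text; there is no table-only mode, so
-- the resulting log must be handled as cardholder data.
SHOW GLOBAL VARIABLES LIKE 'audit_log%';
```

Whichever plugin is used, the audit log must leave the database host: a log that an attacker with local root can edit does not satisfy Req. 10.5, which is why both examples write to syslog rather than to a file next to the data directory.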
• 48. 1. Install & maintain a firewall configuration to protect cardholder data
● Different data flows are either allowed or blocked
● Limit incoming/outgoing connections to what is absolutely needed
• 49. 5. Protect all systems against malware & regularly update anti-virus software or programs
● Understand the impact on database performance
● Can create false positives on certain file formats
● ClusterControl can't help with that :)
• 50. 9. Restrict physical access to cardholder data
● Not directly applicable to ClusterControl
• 51. 11. Regularly test security systems and processes
● ClusterControl will itself be scanned
● It is treated like any other web application, without adding an additional burden
● It helps keep the database part up to date
• 52. 12. Maintain an information security policy for all personnel
● Last but not least, and often overlooked: technology matters, but people stay in charge
● Streamline the management of the database environment via ClusterControl
● Management actions performed via the UI
• 53. Conclusion
• 54. An ongoing process
● Payment card security is not a fixed goal
● The PCI standards are revised regularly
○ Announced last week: PCI SPoC*
● Environments must evolve with the changes
* https://www.pcisecuritystandards.org/pdfs/SPOC_Press_Release_24_Jan.pdf
• 55. Making compliance less time-consuming
● MySQL/MariaDB were not designed with today's security requirements in mind
● Reaching compliance for an existing environment can be overwhelming
● Leverage reliable database tools to ease the crucial parts
● Automate and manage your MySQL & MariaDB databases with ClusterControl
• 56. Secure DB Setup with ClusterControl
● A simple example of a CDE with ClusterControl
• 57. Q&A
• 58. Additional Resources
● White paper: How to achieve PCI compliance for MySQL & MariaDB with ClusterControl
● ClusterControl in Financial Technology
● Download ClusterControl
● Contact us: info@severalnines.com