MongoDB Insecurity Levels and How to Avoid Them
Most database management systems have several techniques of securing their data from an outsider or an unauthorized person or application. The techniques prevent your data from being read or copied without the user’s permission. MongoDB...
Configuring Mutual SSL Authentication in ClusterControl
Establishing trusted communications between systems is essential in enhancing system’s security. The use of Public Key Infrastructure (PKI) is one of the common ways to achieve trusted communication in distributed systems. In particular, Mutual SSL...
Considerations on Encryption for Data at Rest for MariaDB
Data security is crucial in times of GDPR, PCI DSS or HIPPA. To comply with the regulations, one has to exercise extreme caution regarding how the data should be stored and protected. Data, typically, can...
Audit Logging for MongoDB
One of the security aspects of managing a database is to understand who accessed the database, when, and what did they do. Although we have already secured the MongoDB service, we still want to know...
Audit Logging for PostgreSQL
Auditing is a requirement for many security regulations or standards, like PCI - Payment Card Industry, and even a good way to keep your data as safe as possible knowing what is happening in your...
How to Close the Vulnerability Gap in PostgreSQL
No matter what kind of technology or security system you have in place, there is always a risk of being hacked as there is no 100% secured system. As data is probably the most important...
Tips and Tricks for Implementing Database Role-Based Access Controls for MariaDB
In a database management system (DBMS), role-based access controls (RBAC), is a restriction on database resources based on a set of pre-defined groups of privileges and has become one of the main methods for advanced...
Architecting for Security: A Guide for MySQL
Security is paramount today across the whole of IT. From time to time we hear about ransomware attacks or data leaks that have their origin in not secured databases or IT infrastructure. You may wonder:...
Standardizing PostgreSQL Security Across Multi-Cloud Environments
Multi-Cloud Environment is a common topology and even recommended for a Disaster Recovery Plan (DRP), but the security could be a risk here as you need to add to the common security checks an extra...
Managing Your ClusterControl Users Privileges and Access
ClusterControl is a management platform for open source databases. It is a feature-rich product which allows users to perform multiple management tasks, including ones that may result in a data loss (rebuilding nodes, restoring backups...
How to Secure MySQL: Part Two
In the previous post about MySQL security, we have covered a range of options that can be used to make your MySQL instance(s) more secure. They included: General MySQL security measures; Controlling access in MySQL;...
How to Secure MySQL: Part One
Whenever application security is mentioned, people think of securing applications against some of the most frequent attacks such as injection, broken authentication, sensitive data exposure, and the like. However, while these attacks are prevalent, knowing...