How to Audit a PostgreSQL Database
Auditing is a good way to keep your data as safe as possible, and to know what is happening in your databases. It is also required for many security regulations or standards, like PCI -...
Importing or Changing Your SSL Certificate in ClusterControl
SSL encryption is clearly one of the must-haves for database deployments. It is required by all security standards and even if your organization does not have to comply with PCI DSS, HIPPA or other similar...
Managing Your ClusterControl Users Privileges and Access
ClusterControl is a management platform for open source databases. It is a feature-rich product which allows users to perform multiple management tasks, including ones that may result in a data loss (rebuilding nodes, restoring backups...
How to Secure MySQL: Part Two
In the previous post about MySQL security, we have covered a range of options that can be used to make your MySQL instance(s) more secure. They included: General MySQL security measures; Controlling access in MySQL;...
How to Secure MySQL: Part One
Whenever application security is mentioned, people think of securing applications against some of the most frequent attacks such as injection, broken authentication, sensitive data exposure, and the like. However, while these attacks are prevalent, knowing...
Using the Percona Audit Log Plugin for Database Security
Why Do You Need To Use an Audit Plugin For Your Database? Auditing in a database doesn't deviate from its meaning as it shares the same connotation i.e. to inspect, examine, and evaluate for such...
An Overview of PostgreSQL 13 libpq sslpassword Connection Parameters
PostgreSQL since long has supported SSL connections and also certificate-based authentication mechanisms. Although nothing in this regard seems to be new for the PostgreSQL world. However, a small nagging issue for client connection (client-certificates based...
ClusterControl’s Vault Integration Adds Dynamic Data Security Protections
The security is paramount nowadays, especially for the organizations that deal with the sensitive data - financial, health, personal data. In those cases you are obliged to comply with numerous security and data protection standards...
Data Backups for SOC 2 Compliance
SOC 2 is an auditing procedure, developed by the American Institute of CPAs (AICPA), that seeks to verify if your service providers are securely managing your data to protect the interests of your business and...
Securing your Backup Storage on MinIO
A security consideration when setting up your custom storage using MinIO is encryption. By and large, setting up MinIO securely entails encryption in-transit using Transport Layer Security (TLS) certificates, Server-Side Encryption with Client-provided keys (SSE-C)...
Advantages and Disadvantages of Using a DBaaS
In this blog, we are going to dive into the advantages and disadvantages of using a DBaaS. DBaaS is a component of a Platform-as-a-Service (PaaS), which is essentially a platform built allowing customers to easily...
What is Hyperconvergence in a Private Cloud?
In recent years, the term "hyper-convergence" has emerged and steadily disrupting the enterprise IT markets with its extreme simplicity. Old-fashioned solutions are being challenged all over the enterprise world by a new breed of intelligent...