When you ask a MySQL DBA about security, they will usually tell you one or more of these three things: 1) strong MySQL passwords; 2) proper user@host grants and 3) SSL connectivity. However in reality MySQL is not deployed in an isolated secure room with no network access like the CIA computer room in the ‘Mission Impossible’ movie (even then you have to protect against Tom Cruise), but connected to a vast array of other computers through a complex network and even eventually the world wide Internet. In this talk we will look at the different ways to compromise MySQL security in typical deployment scenarios through vulnerabilities in the underlying hardware, the operating system, applications, and the network. We will not be focusing just on security from hackers, but from internal sources as well who may be intending to compromise data.
12 April 14:00 - 14:50 @
Senior Database and System Administrator, The Pythian Group
Singer been interested in technology and innovation since his introduction to Netrek, an early graphical multi-player Internet based game, in 1990. He received a Bachelor of Computer Science with a Minor in Theoretical Mathematics from Dalhousie University where he was first exposed to the mathematical beauty of the relational model. He worked with MySQL at Tilde Business Intelligence, a company he co-founded, where his many roles included Data Architect, MySQL DBA, and System Administrator. Since then he has served as the CTO and Data Architect of WebLink Technologies, another start-up he co-founded, and as a senior system administrator at Dalhousie University where he managed several Linux HPC clusters during his graduate studies. In the last several years, Singer has been working as a Senior Database and System Administrator at The Pythian Group (http://www.pythian.com), a leading global database and application infrastructure services company, providing clients with innovation solutions for their database and system administration needs.