Buy Percona ServicesBuy Now!

Backing up Percona Server for MySQL with keyring_vault plugin enabled

 | September 24, 2018 |  Posted In: MySQL, Percona Server for MySQL, Percona XtraBackup, Security

Percona XtraBackup with keyring_vault

To use Percona XtraBackup with keyring_vault plugin enabled you need to take some special measures to secure a working backup. This post addresses how to backup Percona Server for MySQL with keyring_vault plugin enabled. We also run through the steps needed to restore the backup from the master to a slave. This is the second […]

Read More

Securing PostgreSQL as an Enterprise-Grade Environment

, and  | September 21, 2018 |  Posted In: Events and Announcements, Insight for DBAs, Insight for Developers, PostgreSQL, Security

PostgreSQL enterprise-grade security

In this post, we review how you can build an enhanced and secure PostgreSQL database environment using community software. We look at the features that are available in PostgreSQL that, when implemented, provide improved security. As discussed in the introductory blog post of this series, in our webinar of October 10, 2018 we highlight important […]

Read More

Using the keyring_vault Plugin with Percona Server for MySQL 5.7

 | September 17, 2018 |  Posted In: MySQL, Percona Server for MySQL, Security

keyring_vault store database encryption keys

This is the first of a two-part series on using the keyring_vault plugin with Percona Server for MySQL 5.7. The second part, Backing up Percona Server for MySQL with keyring_vault plugin enabled, walks through how to use Percona Xtrabackup to backup from this instance and restore to another server and set it up as a slave with […]

Read More

Encryption of the InnoDB System Tablespace and Parallel Doublewrite Buffer

 | September 14, 2018 |  Posted In: MySQL, Percona Server for MySQL, Security

encryption of InnoDB tablespace parallel doublewrite buffer

In my last post I compared data at-rest encryption features available for MySQL and MariaDB. As noted at the time, some of the features available for Percona Server for MySQL were in development, and the latest version (5.7.23) sees two of them released as ALPHA quality. Encrypting the InnoDB system tablespace The first of the […]

Read More

Using ProxySQL to connect to IPv6-only databases over IPv4

 | September 10, 2018 |  Posted In: MySQL, Percona Server for MySQL, Percona XtraDB Cluster, ProxySQL, Security

connect to ipv6 database from ipv4 application using proxysql

It’s 2018. Maybe now is the time to start migrating your network to IPv6, and your database infrastructure is a great place to start. Unfortunately, many legacy applications don’t offer the option to connect to MySQL directly over IPv6 (sometimes even if passing a hostname). We can work around this by using ProxySQL’s IPv6 support […]

Read More

Comparing Data At-Rest Encryption Features for MariaDB, MySQL and Percona Server for MySQL

 | August 23, 2018 |  Posted In: MariaDB, MySQL, MySQL 8.0, Percona Server for MySQL, Security

Encryption at rest MariaDB MySQL Percona Server

Protecting the data stored in your database may have been at the top of your priorities recently, especially with the changes that were introduced earlier this year with GDPR. There are a number of ways to protect this data, which until not so long ago would have meant either using an encrypted filesystem (e.g. LUKS), […]

Read More

Lock Down: Enforcing AppArmor with Percona XtraDB Cluster

 | August 9, 2018 |  Posted In: MySQL, Percona XtraDB Cluster, Security

Enforcing AppArmor with Percona XtraDB Cluster

Recently, I wrote a blog post showing how to enforce SELinux with Percona XtraDB Cluster (PXC). The Linux distributions derived from RedHat use SELinux. There is another major mandatory discretionary access control (DAC) system, AppArmor. Ubuntu, for example, installs AppArmor by default. If you are concerned by computer security and use PXC on Ubuntu, you […]

Read More

Another Day, Another Data Leak

 | July 6, 2018 |  Posted In: Business Continuity, MongoDB, MySQL, Percona Server for MongoDB, Percona Server for MySQL, Security

another day another data leak Exactis

In the last few days, there has been information released about yet another alleged data leak, placing in jeopardy “…[the] personal information on hundreds of millions of American adults, as well as millions of businesses.” In this case, the “victim” was Exactis, for whom data collection and data security are core business functions. Some takeaways […]

Read More

Webinar 6/28: Securing Database Servers From External Attacks

 | June 27, 2018 |  Posted In: Insight for DBAs, Insight for Developers, MariaDB, MongoDB, MySQL, PostgreSQL, Replication, Security, Technical Webinars

securing database servers

Please join Percona’s Chief Evangelist Colin Charles on Thursday, June 28th, 2018, as he presents Securing Database Servers From External attacks at 7:00 AM PDT (UTC-7) / 10:00 AM EDT (UTC-4). Register Now   A critical piece of your infrastructure is the database tier, yet people don’t pay enough attention to it judging by how […]

Read More

Lock Down: Enforcing SELinux with Percona XtraDB Cluster

 | June 21, 2018 |  Posted In: MySQL, Percona XtraDB Cluster, Security

SELinux for PXC security

Why do I spend time blogging about security frameworks? Because, although there are some resources available on the Web, none apply to Percona XtraDB Cluster (PXC) directly. Actually, I rarely encounter a MySQL setup where SELinux is enforced and never when Percona XtraDB Cluster (PXC) or another Galera replication implementation is used. As we’ll see, […]

Read More