The function of security has always been a significant part of the database engineer's job. The security of an organization's most critical asset is paramount. In the siloed, historical world of the DBA, the admin would focus on database security controls only. As the stewards of the organization's data, however, the database reliability engineer must take a more holistic approach to the job. A methodology and strategy for mitigation that is holistic, and that can be integrated into the entire engineering culture, is needed to ensure effective data security at scale.
In this talk, we establish a process for instilling repeatable, scalable data security through education and collaboration, self-service libraries and patterns, continuous integration and testing, and monitoring and metrics. After this, we discuss potential vulnerabilities and exploits, methods of encryption at rest and in flight, and the various compliance standards we must take into consideration.
Since the beginning, Facebook has used a conventional username/password to secure access to production MySQL instances. Over the last few years we've been working on moving to X.509 TLS client-certificate-authenticated connections. Given the many types of languages and systems at Facebook that use MySQL in some way, this required a massive amount of changes for a lot of teams.
This talk is part technical overview of how our new solution works and part hard-learned tricks for getting an entire company to change their underlying MySQL client libraries.
The EU's General Data Protection Regulation (GDPR) goes into effect on 25 May 2018. Your company's lawyers and compliance staff are (hopefully) well-versed on the subject, but what does GDPR mean for the DBA?
With the recent explosion of cryptocurrencies and the rapid rise of associated blockchain technologies, some seem to assume that blockchain will replace many other types of databases. Many even believe that blockchains are a database. We won't debate that in this session. However, we will discuss what blockchain is, why this technology is taking off, its basic architecture and functionality and how it really works. We'll also cover smart contracts a bit before pointing out where gaps still exist.
It is in those gap areas that NoSQL databases such as MongoDB and Elasticsearch still have a great seat at the table and have plenty to offer in this growing ecosystem.