Data security plays a critical role in PayPal's database infrastructures. In this presentation, we will discuss how PayPal enforces data security. The following areas will be covered:
- SSL encrypted connections between applications and database instances, as well as database to database instances
- Integration of database login with LDAP for user authentication and authorization
- Enterprise auditing for database access and metadata/object modifications
- Securing application login with custom SSL key and password management, password rotations
- Methods to avoid password exposure, such as by using MySQL connection strings
- Challenges of standardization of MySQL to Percona XtraDB in PayPal. How we handled
-- different versions of MySQL on different operating systems
-- application users with super user privileges
-- incompatibilities between MySQL commercial and Percona XtraDB Cluster
Stacy has 16 years of experience on various flavors of relational databases. Stacy focuses on performance tuning, code reviews, database deployment and infrastructure management for MySQL. In her spare time, she enjoys reading books and doing some volunteer work.
Yashada is a MySQL Certified Database Engineer with 5+ years experience in core database operations and management. She has presented previously for Percona Live 2015 and Oracle Open World on MySQL technologies. Prior to PayPal, Yashada worked at Amazon Web Services, Yahoo, Inc. and other companies.