MySQL Security for Fun and Profit

Database Administration
3 April 3:30PM - 4:20PM @ Ballroom D

Experience level: 
50 minutes conference
Unauthorized disclosure of sensitive data can translate into anything from a black eye in the press to millions of dollars in fines, lost revenue, and damage control, but far too often, database security is something of an afterthought. Too many people are content to firewall their database server from the Internet and, believing that the perimeter is secure, ignore some very real vulnerabilities in the soft underbelly of their infrastructure. In this session, we will expose that soft underbelly and discuss some ways to get it back into six-pack form.

Topics that we'll cover include:

- Information assurance and why unauthorized access is only part of the story.
- Commonly-observed worst practices: the what, the why, and the how not to.
- Recommended best practices for authentication, authorization, and data access.
- Encryption at rest, encryption in flight, and performance implications thereof.
- What's new and noteworthy in MySQL 5.6.

Some knowledge of system / network security best practices is assumed; many hours could be (and are, quite frequently) devoted to those topics, and I will not be explaining such things as why it is a bad idea to run MySQL as root while listening on a wide open public network interface. The focus for this talk is on the proper configuration and operational care and feeding of MySQL from a security-oriented perspective.


Database Engineer and Bit Wrangler, Pinterest
Ernie is a member of the triumvirate of data services engineers at Pinterest, where his current focus is on improving the performance and operational efficiency of a petabyte-scale MySQL deployment. In his past lives, Ernie has worked in almost every aspect of information technology, from network engineering to software development, with his most recent previous engagement being as a Senior Architect with Percona. Current areas of interest include artificial intelligence, data analytics, and neuroscience. He holds a BS in mathematics and a BA in political science from Arizona State University.