Protecting Confidential Data in MySQL

Best Practices for Businesses
4 April 1:50PM - 2:40PM @ Ballroom D

Experience level: 
50 minutes conference
For either compliance, ethical reasons, or both, businesses are required to protect confidential data in their mysql databases. At Modernizing Medicine, we are obsessive about protecting patient data. With respect to MySQL, this session will address how we encrypt data at rest with filesystem based encryption, data in transit using the latest version of Continuent Tungsten Enterprise, which provides encryption of client/server traffic as well as replication traffic, and encryption of backups. In addition, I will discuss where to store keys. Since Modernizing Medicine is deployed completely in the cloud, this information is also extremely useful to clients who are currently deployed in the cloud or are thinking about deploying to the cloud but have some questions or concerns. Modernizing Medicine implements controls defined by HIPPA, and many of these controls apply to other standards, such as PCI. Modernizing Medicine is a fast-growing SaaS company, offering electronic medical records management solution for thousands of small and medium-sizes dermatology, ophthalmology, optometry, plastic surgery, cosmetic and orthopedics practices.


Senior Site Reliability Engineer, Modernizing Medicine, Inc.
In my current position as Senior Site Reliability Engineer at Modernizing Medicine, I am responsible for the overall availability and performance of our flagship product EMA. Duties include architecture in the cloud, scaling for rapid growth, data protection and security, as well as general linux and MySQL database administration. In a previous role I was responsible for overall hardware and software architecture for a start-up, which rapidly grew into a $750 million+ public company. I love Linux, MySQL, and open source.