Website Technology

How Techno Infonet helps its clients to secure data through MySQL Data at Rest Encryption

MySQL Data that is actively travelling from one point to another, such as via the internet, is referred to as data in transit because the data is in motion. Data that has been stored in a particular destination is called data at rest. Protecting the data at rest (when the data is already on disk) and its storage destination using encryption and appropriate access controls is becoming more and more essential to avoid the risks of unauthorised data access. Most web and mobile applications today store sensitive data collected through user interaction in databases. With the recent spike in database security breach cases, many businesses have started looking at database encryption seriously. Data that has not been encrypted is referred to as plaintext, and data that has been encrypted is referred to as ciphertext. While numerous security measures exist to protect a system against intrusion or attack, encryption is considered to be a critical fail-safe mechanism that helps in an event of a data breach. This is because encryption does not stop data theft or hacking itself, instead, it makes the data stolen unusable by converting plaintext into ciphertext. This text is impossible to read without a proper decryption key. Data encryption is considered extremely important, especially for businesses dealing in financial services, health services or eCommerce services. Recently one of our clients working with the finance domain needed a web-based application. The application would store confidential information like the personal details and the financial transactions of its users in a MySQL Database. Because the application would be accessible to anyone on the internet, it was crucial to have a strong protection layer to secure the data. This can be done at the application-level code itself, but this would prove ineffective in an event where the application itself gets compromised. After thoughtful consideration and several discussions with the client, our tech team came up with 2 alternatives to encrypt the data at rest for the MySQL database. The alternatives being considered were Database tables Encryption and Inbuilt Function Encryption. Each of these methods has its pros and cons. It’s important to take into consideration the technical environment and infrastructure while choosing the suitable method that fulfils your requirements. To help the client make the right decision, our team not only elaborated on the pros and cons, but also presented different use cases for each method. Based on the discussions, both the client team and our technical team mutually decided to go ahead with Database tables Encryption. Highly Specialized Database Encryption Provider Ready to Talk Under this method a two-tier encryption key architecture is built through AES 256 Encryption, consisting of a master key and a table space key. Here the table space key is used to encrypt the tablespace of a MySQL database which is running on the InnoDB storage engine. The table space key is further encrypted using a master key and stored in the tablespace header. When a request is made to access MySQL data, InnoDB would first use the master key to decrypt table space key present in the tablespace header. Next, it decrypts the tablespace using the decrypted table space keys and makes the data available for read/write operations. The major benefit of selecting this method is that no changes are required to be done at the application/code level. Moreover, the encryption keys are managed by MySQL itself instead of the database admin. Under a scenario where only a particular set of data needs to be encrypted and the application is assured of being protected from unauthorised access, inbuilt function encryption would be a more preferable option. We hope that the above article has helped you develop a basic understanding of the MySQL database encryption. Check out our Database Encryption Service page to find out more about how we help our clients in securing their data. In case you are looking for a service provider to encrypt your MySQL Database, our team is just an email away.

Website Technology

Google IO 2016 - The Major Developments

Google IO 2016 provided a big stage for the major platform developers, executives, and engineers to come together and discuss the various products being launched in the days ahead. Google also makes major announcements during the event, which goes to

Website Technology

Tips to keep in mind while getting your business website redesigned

Promoting your products and/or services as well as keeping your customers informed about your business in a proper way is impossible without a website. However, just having a domain address that does not help the web visitors is a strict no-no. You d

Transform Your Business With Digital Enterprise Solutions

Contact us

Our Offices

INDIA AHMEDABAD, INDIA

401, One World West, Nr. Ambli T-Junction 200, S P Ring Road, Bopal, Ahmedabad, Gujarat 380058

UK
UK

Kemp House 160 City Road, London, United Kingdom EC1V 2NX

GERMANY GERMANY

Nürnberger Str. 46 90579 Langenzenn Deutschland

AUSTRALIA AUSTRALIA

Level 36 Riparian Plaza, 71 Eagle Street, Brisbane, QLD 4000

USA USA

4411 Suwanee Dam road, Bld. 300 Ste. 350 Suwanee GA, 30024

SOUTH AFRICA SOUTH AFRICA

Cube Work Space, 24 Hans Strijdom Avenue, Cape Town

UAE DUBAI, UAE

B 503 Sama Tower, Sheikh Zayed Road, United Arab Emirates

country-flag CANADA

34 Applegrove Ct. Brampton ON L6R 2Y8