Mike, Encrypted filesystems can seriously impact performance of MySQL.
Its an entirely different issue to MySQL encryption but one would hope that, if you are going to go to all the trouble of using two part keys and the strongest encryption available in your database, you would also take as much care of your hardware by ensuring that it is kept secure and not left in the hands of an untrustworthy isp, disposed of in an insecure manner or kept in an insecure office. John Daisley Certified MySQL 5 DBA / Developer Cognos BI Developer Tel: +44 (0)1283 537111 Mobile: +44 (0)7918 621621 =================== -----Original Message----- From: mos <mo...@fastmail.fm> Sent: Sunday, March 21, 2010 3:40 AM To: mysql@lists.mysql.com Subject: RE: MySQL Encryption At 05:54 PM 3/20/2010, John Daisley wrote: >Jim > >In the case of our encrypted data no user, application or script is given >access to the tables in question. Access is only granted via a couple of >stored procedures and to be honest if you didn't know which ones you would >have a hard job finding them as we have hundreds. > >Problem with keeping any part of the key in a place other than the mysql >server is you add complexity and give yourself a whole bunch of new >security concerns as you then have to transmit the 'key part' to the mysql >server over a network. > >For someone to take complete control of our mysql server and compromise >our data they would need to guess a username and password for the box in >under 3 attempts, then guess the root password and then guess a valid >mysql username and password. > >The biggest headache for us, and one which is often overlooked is 'How do >we keep our backups secure' Or they can find your drive in the local swap shop after the ISP retires your drive for a new one. Or if you are doing your own hosting, the local bne artist will do a smash and grab if they find out you have computers in your office. It happens all the time over here, even government offices aren't immune. Of course if your competitors want your information bad enough, they'll bribe one of the support staff to make an extra backup, or your competitor will hire people to recover your drive. Corporate and intra-country espionage is growing rapidly and is largely unreported by the ISP and the companies that were hit. There are many ways your drive can grow legs and walk out of there. So storing all of the passwords on the drive isn't secure enough, unless the drive itself is encrypted with a password known only to a few people in your company. Never trust the internet service provider to be your only means to protect your data or your drives. Mike >-----Original Message----- >From: Jim <j...@lowcarbfriends.com> >Sent: Friday, March 19, 2010 4:22 PM >To: John Daisley <daisleyj...@googlemail.com>; mysql@lists.mysql.com >Subject: Re: MySQL Encryption > >Thanks for the reply, John. > >What you are describing seems to be the approach I've seen on the few >places I've seen this topic discussed. > >I've been considering something along those lines, essentially a two >part key. > >Part one of the key is made from some data that is in the record I want >to protect and it is different for each record, very much like you suggest -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/mysql?unsub=arch...@jab.org