MySQL Security Enhancements and Important Security Tips for ISVs & OEMs

Keeping your customers' data safe and compliant with standards such as HiPAA, Sarbanes-Oxley, and PCI Data Security is easier with three recently released MySQL security capabilities:

MySQL Enterprise Security, which includes external Authentication for PAM and Windows; MySQL Enterprise Audit, a policy-based Auditing solution; and new Password Management capabilities. This technical presentation provides an overview of these features and practical tips on using them. It also covers important best practices for the software and hardware vendors that include MySQL with their products, such as:

  • Changing MySQL's default settings (which assume the physical server and file systems have restricted access though they often do not when MySQL is embedded / bundled.)
  • Setting MySQL to install securely
  • Obscuring InnoDB data
  • Making your application aware of database file tampering