MySQL is the most popular open source relational database system and is in wide use in commercial and non-commercial environments. It is natural that developers and security professionals want to know how to encrypt sensitive information stored in MySQL databases.
While MySQL does not implement a Transparent Data Encryption (TDE) solution like Microsoft SQL Server and Oracle Database, you still have options to get the data protected with strong encryption and use a defensible encryption key management strategy.
With a strong encryption key management solution you can encrypt data in two ways in MySQL databases to meet compliance regulations for proper encryption key management:
1. Column Level Encryption:
Alliance Key Manager provides shared libraries for Windows and Linux that provide the technical support for SQL Views and Triggers with User Defined Functions (UDFs). Using these shared libraries lets the developer fully automate the encryption tasks without changes to application code. Alliance Key Manager provides an example of how to do this in a Windows Server operating system context.
2. Encryption in Application Code
Second, Alliance Key Manager provides many shared libraries and application code examples if you need to implement encryption in your applications. The extensive library of code examples include Java, PHP, Ruby, Python, Perl, C/C++, C#, VBNET and others. You can encrypt data in your applications, or send the data to the key server for on-device encryption. The on-device encryption option is a favorite of web developers who don’t want to expose encryption keys in their web server application.
About Alliance Key Manager
Alliance Key Manager is a NIST validated, FIPS 140-2 compliant solution that meets PCI DSS and other compliance regulations for protecting encryption keys. You can deploy the key server as an HSM in your own data center or in our hosting center, or as a VMware instance, or as a cloud application running in PCI DSS certified infrastructure. Alliance Key Manager is available with a number of licensing options that will meet the budget constraints of any organization.