DBSEC Cloud Database Encryption (MysqlTDE for short) is a database leak prevention product based on transparent encryption technology. The product enables encrypted storage of sensitive data in databases, enhanced access control, and separation of powers.
TDE (Transparent Data Encryption) encryption: A transparent data encryption technology that implements data addition and decryption functions at the storage layer by modifying the MySQL InnoDB storage engine code. Encrypt and protect InnoDB engine data files without affecting the original functions of MySQL.
MysqlTDE can prevent data leakage caused by shared storage space, prevent external hacker attacks that break through boundary protection, prevent data leakage caused by dragging databases, prevent data theft by internal high-authority users, and prevent the leakage of sensitive data from the root cause.
By using this product, the following value can be provided:
1) Prevent the sharing of storage resources from leaving traces in the database
Threat: The migration and release of databases on the cloud will cause users to worry about data leaving traces, and they need to self-confirm that the data really cannot be reused.
Protection: Efficient encryption technology, only authorized users can decrypt encrypted data, and unauthorized users cannot obtain plaintext even if they get the data. It makes data storage and transfer more secure.
2) Prevent cross-disclosure of sensitive data
Threat: Data and backup copies may take away irrelevant associated content, causing cross-disclosure of data.
Protection: Through MysqlTDE, key information is encrypted, and the encrypted data storage layer exists in the form of a ciphertext file to ensure that others cannot use the data file even if they get it.
3) Prevent external hackers from stealing data
Threat: Database privilege escalation is a common attack method used by hackers in current database vulnerabilities. Through this method, the hacker directly obtains the DBA identity and arbitrarily accesses sensitive data.
Protection: MysqlTDE's ciphertext access control system ensures that even if the database's own permissions are broken, unauthorized users will not be able to access the ciphertext data.
4) Prevent data breaches within the organization
Threat: The database account of a business system is often controlled by development and database maintenance personnel. Through this account, these personnel can directly access the database. All sensitive information in the database can be viewed and exported, which does not meet security management requirements.
Protection: MysqlTDE ensures that even high-authority operation and maintenance users cannot access sensitive data without special authorization, and that their daily operation and maintenance work will not be affected.
This product supports the BYOL method and provides a seven-day free trial license. You can call the technical support hotline 400 923 1376 for help.