It goes without saying that database security is top priority at Continuent. Financial Services and Healthcare organizations (among others) implement the strictest standards of data security, and so not only do we support HIPAA and PCI DSS compliance, but we also maintain the strictest boundaries and protocols with regards to the design of Tungsten software and the 24/7 Support we provide to our customers. For example, Continuent engineers never gain access to a customer’s database system.
That’s why MySQL database security is one of the primary Benefits of Tungsten Clustering.
Nonetheless, the security risk is growing. The Cybersecurity Statistics from Fortinet’s Cybersecurity Glossary sheds some light on the situation:
- The use of malware increased by 358% through 2020, and ransomware usage increased by 435% compared to the previous year, according to a study by Deep Instinct. July 2020 alone saw a 653% increase in malicious activity compared to the same month in 2019.
- More than 90% of healthcare organizations suffered at least one cybersecurity breach in the previous three years, according to the U.S. Healthcare Cybersecurity Market 2020 report.
- Security threats against industrial control systems (ICS) and operational technology (OT) more than tripled in 2020, according to Dragos Inc.’s Year in Review report.
And the financial implications are staggering:
- Cyber crime costs organizations $2.9 million every minute, and major businesses lose $25 per minute as a result of data breaches, according to RiskIQ research.
- According to research by IBM, it takes 280 days to find and contain the average cyberattack, while the average attack costs $3.86 million.
- The U.S. has the world’s highest data breach costs, with the average attack costing $8.6 million, according to IBM’s Cost of a Data Breach report.
Source: Fortinet’s Cybersecurity Glossary
As The MySQL Availability Company, we take it seriously to keep business-critical MySQL databases securely available for enterprise applications. That’s why with our upcoming major release, version 7, we’ve made the decision for all our customers that configuring the highest possible security will no longer be optional; Tungsten Clusters will ship automatically with the highest security configuration by default.
We have never had an issue with Security in all the years we’ve been around (since 2004); but it is part of our mindset of fault-tolerance that systems should be designed for prevention first, and second, recovery. And top-of-the-line MySQL database security - whether motivated by privacy, compliance, availability, financial risk abatement, consumer protection, or other reasons - is something that we want all Tungsten customers to benefit from.
While Tungsten Clustering makes it easy to migrate to hybrid-cloud and multi-cloud MySQL clusters, the option remains for customers to use native MySQL and keep 100% control of your data and full application stack. We stand by and support any customer’s plan that is best for them to keep data and infrastructure safe, and available (to the right people ;)).
Besides enabling 100% control of your database infrastructure, with Tungsten Clustering, MySQL database security is enhanced with:
- SSL encryption for all internal cluster communications
- SSL encryption for application-to-database communications
- Guidance and best practices from experienced Support staff who have implemented PCI/HIPAA/other compliance. (For example, always run the cluster as an unprivileged user.)
We’ve created a Security FAQ Page about Tungsten’s MySQL database security in response to one customer’s vendor validation, feel free to read it here: Tungsten Clustering Security FAQs.
Reach out to start a conversation to learn more!
Comments
Add new comment