How to Protect PHI Stored in a MySQL Server?

Server General TDE for HIPAA
How To Gain Protection Under the Safe Harbor Provision of the HIPAA/HITECH Act?

Unlike end-user workstations, mission-critical application servers like MySQL are high-value targets. The MySQL database depends on the operating system for its security. Once the server OS has been compromised, MySQL’s access control mechanisms can no longer protect valuable data. The problem is exacerbated by the fact that the circle of trust for most MySQL servers (users with root privileges) is overly large and poorly controlled. A recent paper published by the National Security Agency notes that “current security efforts suffer from the flawed assumption that adequate security can be provided in applications with the existing security mechanisms of mainstream operating systems”.

In order to provide effective security and assure integrity of the data, the application that generates the data, i.e. the MySQL database, must run within a secure operating environment. Server General TDE™, our flagship solution, provides a multi-layered defense mechanism for the MySQL data at the operating system layer via transparent data encryption, advanced access control mechanisms and remote logging. All of these security techniques empower MySQL’s access control mechanisms to do their job more effectively.

Here are some of the challenges associated with storing regulated information (PHI) in a MySQL database:

The MySQL database stores data in flat files. A malicious “root” administrator can easily view or alter such files. This could lead to disclosure of regulated information. The HIPAA/HITECH Act requires that appropriate steps be taken to secure patient information in order to qualify for relief under the safe harbor provision. There is no easy way to encrypt MySQL data: users can make use of the embedded encryption functionality of their MySQL server or put in some level of programming effort to encrypt their data. However, the organization must then deal with the pivotal issue of key management. Lack of a proper key management solution can result in only two possible outcomes: (1) a successful data compromise or (2) not being able to access data when it’s needed the most.

Sometimes organizations looking to secure the information stored in their MySQL database against a malicious database administrator (DBA) resort to column-level encryption. However, it’s virtually impossible to protect information against a malicious DBA by simply encrypting columns, because a malicious DBA can easily impersonate a database user who has been granted access to the data in the clear, or can simply insert herself into the data path of the clear-text data by modifying the stored procedures (or triggers) used to decrypt columns.

Finally, a poorly implemented data encryption methodology can lower the security posture of your MySQL database and also degrade its performance. In order to solve these and many other problems, Server General Inc. offers two solutions: Server General TDE and Server General KMS for MySQL. If you are interested in encrypting data stored in your MySQL server, then Server General TDE is the right solution for you. On the other hand, if you are opting to use the embedded encryption functionality of your MySQL server (MySQL release 5.7.12 and above) to encrypt data stored in your InnoDB tables, then Server General KMS for MySQL can help you manage your master encryption key in a compliant manner.

Regulatory compliance and data security

Both Server General TDE and Server General KMS for MySQL have been designed to enable compliance with the HIPAA/HITECH Act and PCI DSS mandates. Neither solution requires you to make any changes to your MySQL server. Hence the MySQL client applications can continue to operate normally.

Server General TDE transparently encrypts the MySQL data using a FIPS 140-2 compliant algorithm, AES.

Both Server General TDE and Server General KMS for MySQL provide:
Secure key storage
Key rotation
Key revocation

Server General TDE doesn’t allow a privileged (“root”) user to access the MySQL data under its protection, and Server General KMS for MySQL doesn’t allow the privileged user to access the master encryption key.

Both solutions use role-based management.

Both solutions generate time-stamped audit trails, which are stored outside the administrative domains of our customers to avoid tampering.

Please contact us if you are interested in getting 1 free license for Server General TDE or Server General KMS.