MySQL Security Technical Implementation Guide (STIG)
The Department of Defense (DoD) approves and publishes the Security Technical Implementation Guide (STIG) for MySQL Enterprise Edition 8.0. The Defense Information Systems Agency (DISA) evaluated MySQL Enterprise Edition against stringent DoD’s security requirements. The resulting guide for MySQL Enterprise Edition provides comprehensive steps towards meeting security requirements for government systems.
DISA STIGs Include a Description of Requirements Explaining:
- What are the related security risks and vulnerabilities?
- Is a vulnerability applicable to a product?
- Whether the product has inherent protection or if you need to check the product settings.
- Which settings to inspect and how - pass (protected) or fail via a series of checks.
- Changes needed when a check fails.
- Other mitigating actions to put in place to minimize security risk.
- Use of additional products to provides added protection.
Guides DBAs Through The Following Areas:
- Deployment
- Configuration
- Management
- Security and Risk Assessment
- User Management
- Event Auditing
- Enforcing Security Policies
- Hardening against attacks
The Guide Includes:
- Expertise and documented approval of the DoD
- Checkup Queries
- SQL statements for security hardening
- Configuration Settings
- Related Operating Systems Security Settings
- Example Audit Filters
- Integration with advanced authentication services
- Management of Keys
- Analysis and assessment of audit data
- Password and Account Policy enforcement
Leverages Powerful MySQL Enterprise Edition Features
- Auditing
- External Authentication
- Key Management
- Transparent Data Encryption
- Encryption (symmetric, asymmetric, PKI, RSA, certificates, signing)
- Firewall
- Data Masking