I'm working on a Rails app for our church, which stores some fairly sensitive information about our people in a MySQL database.
We have our own Windows server running Hyper-V, so the original intention was to spin up a VM and host on there.
Long term this sounds like the best solution, but at the moment our church has fairly poor internet connectivity (home ADSL) and I don't want to waste time now maintaining infrastructure and talking to service providers when I could be putting more time and energy into building a great app.
In this initial period I'd like to host our app on a VPS with Linode, Rackspace or Amazon.
Our leadership's concern (quite rightly) is security of our people's data, and while I can assure them all communication will be SSL encrypted over HTTPS they are still concerned about storing our data with a 3rd party.
In the scheme of things our data isn't a prime target for attackers, but I'd like to be able to give them the assurance that even if our server was wide open for any member of the public to log in and browse around, the data would remain secure.
Is this possible?
Can a MySQL database be encrypted on disk to this level, but still be accessible over a MySQL connection (via a socket or TCP port)?
On second thoughts, I'm thinking it'd be a bit redundant anyway, as the database connection credentials will need to be stored on disk for the Rails app anyway!
Best Answer
You've essentially summarised your problem.
Even if you could encrypt the MySQL store - "all" they have to do is compromise your web server, and they get your DB credentials and can happily dump your database. The fact really is that if they can get the same level of access as you at any point - all your security efforts have gone down the drain.
Here are some general tips, but they don't replace your professional security advice:
ssh -p <port> user@host
as normal.
Having said all of this, it won't make your case to the client any better. You'll still say "it's as secure as it can be" but not "the data is encrypted on disk".