Database Security & Performance
Rietta has decades of experience deploying, optimizing, and securing open source SQL databases with MySQL, MariaDB, and PostgreSQL. Since availability is an aspect of security, we have worked with clients to optimize performance so that the data will be available to authorized users.
Our founder, Frank Rietta, has a long history with database security. His student research was related to detecting SQL injection attacks (published by the ACM) and he contributed to the security chapter of the 7th edition of the Fundamentals of Database Systems textbook published by Addison-Wesley. He has spent the last two decades helping clients keep their databases secure.
Security
SQL databases are the critical infrastructure of all modern business. These systems store the crown jewels of any organization, and an insecure database leads directly to data breach risk. Elements of securing databases include:
- Keeping the database server up-to-date on supported versions
- Proper configuration of firewall and AWS security groups
- Strong and rotated passwords used by applications to access data
- Appropriate use of database access controls including role-based access control to protect customer data
- Encryption of special records at the row or column level to protect sensitive data
- Code review of application code that accesses the database to detect and remediate SQL injection and stored SQL injection risks
Performance
Few things are more frustrating to users than a slow database. The application was fast the day it was launched, but as the years went by it became slow as molasses. Rietta has helped our clients overcome this by reviewing database usage, adding SQL indexes, and making other optimizations. A performant database that is reliable and available to authorized users is a security win!
Conversion (Extract, Transform, and Load)
When upgrading applications, it is sometimes necessary to switch database platforms. Sometimes there are good tools available that automate much of this process, but other times a full extract, transform, and load (ETL) project is necessary. Rietta has conducted dozens of successful ETL projects, including some that were extremely complex and involved fully deprecated systems.
Application Assessment
We have significant experience assessing custom application code for SQL injection and other database risks. Learn more about security assessments by Rietta.
Next Steps
If you'd like to discuss your specific requirements, feel free to schedule a free consultation. We'll provide detailed information about our services and tailor a plan to meet your unique needs. You can reach us at our Atlanta office: +1 (770) 623-2059.