Knowledge BaseMetric InsightsSystemDatabaseEncrypting database data at rest in Metric Insights

Encrypting database data at rest in Metric Insights

QUESTION

Is the Metric Insights application database encrypted at rest? 

ANSWER

MySQL does not provide an encryption mechanism by default for database files in /var/lib/mysql. There is an option for it but the decryption key must lie in plaintext on the same database server (low level security).

If Metric Insights is deployed to a cloud service like Amazon AWS, and encryption at rest is needed, you could use RDS encryption settings. This of course requires the application database to reside on RDS to begin with.

Please reference this AWS doc for more: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html