Security

MariaDB SkySQL has been designed and built from the ground up to incorporate security features by default.

GRC and Infosec Features

MariaDB Trust Center

Information on the security controls present in MariaDB SkySQL service delivery can be found in the MariaDB Trust Center.

Controls include:

  • Access Control and Monitoring

  • Infrastructure and Network Isolation

  • Secure Development Lifecycle (SSDLC)

  • Encryption

Compliance solutions include:

  • Business Associate Addendum (BAA) for HIPAA

  • Data Processing Addendum (DPA) for GDPR

Amazon Infrastructure

MariaDB Enterprise on SkySQL services on AWS rely on Amazon Elastic Kubernetes Service (EKS), which is a component of Amazon Web Services (AWS).

MariaDB SkySQL inherits many availability features from EKS and AWS:

  • Data is always encrypted at rest.

  • File systems used by operating system are locked down, where possible.

  • Number of operating system logins is controlled.

  • Operating system's root login is disabled.

Google Infrastructure

MariaDB Enterprise on SkySQL services on GCP rely on Google Kubernetes Engine (GKE), which is a component of Google Cloud Platform (GCP).

MariaDB SkySQL inherits many availability features from GKE and GCP:

  • Data is always encrypted at rest.

  • File systems used by operating system are locked down, where possible.

  • Number of operating system logins is controlled.

  • Operating system's root login is disabled.

Powered by Kubernetes

MariaDB Enterprise on SkySQL services run in containers powered by Kubernetes and inherit many availability features from Kubernetes' security functionality:

  • Privileges within the container are tightly restricted by a security context that prevents malicious users from gaining root privileges.

  • Network access is restricted by network policies.

Built on ServiceNow

MariaDB Enterprise on SkySQL services are built on top of ServiceNow's highly secured platform.