Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Why use encrypted backup with Percona XtraBackup 2.1 for MySQL?

DZone's Guide to

Why use encrypted backup with Percona XtraBackup 2.1 for MySQL?

· Performance Zone
Free Resource

This post comes from at the MySQL Performance Blog.

Percona XtraBackup for MySQLWe just released our first alpha of Percona XtraBackup 2.1 for MySQL and with it we included the ability to encrypt backups on the fly (full documentation here). This feature is different than simply piping the backup stream through the openssl or gpg binaries, which is what some people have used in the past. A big benefit of using the built-in encryption is that multiple CPU cores can be used for encryption (with the --encrypt-threads option). You can also combine compression and encryption, each using multiple CPU cores.

One advantage of encrypting your backups is it means you can place less trust in the place where you store your backups. Our databases hold a variety of information, some of which is rather sensitive and should be kept private. One attack vector for an adversary gaining access to all of your data is via a backup.

By using Percona XtraBackup encryption your data is private by design rather than private by placing trust in your backup storage provider. This is especially an issue if you are using cloud storage to store your backups but also applies to simple off-site backups.

Percona XtraBackup 2.1.0-alpha1 supports industry standard AES encryption and we use an existing software library (libgcrypt) to do the heavy lifting so we are in no way re-inventing the wheel. You can download it here for free.



Topics:

Published at DZone with permission of Peter Zaitsev, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}