Data Security / Encryption

Dear all,

Many of my customers (SugarCRM 7.x or 8.x Pro or Ent) ask us what is the best question to secure SugarCRM data.

Of course, we recommended the main "standards" security options (role/team for end user, VPN access, HTTPS, restricted access to database etc.).

But, the "new" question is more to also secure the database content itself ; is there any standard solution to easily encrypt the database content but let SugarCRM work without restriction.

We know that we could created "encrypted" field inside SugarCRM but the target is more a global database encryption.

It should be a weird question but I'm not a system security expert, so I am open to all your suggestions or experiments.

Kind regards,

Fred

Parents
  • Assuming it's on site, the best thing you can do is make it so that the database and web server are 2 different boxes.  Make the web server public, but firewall the crap out of the SQL server only accepting connections on port 3306 from the web server.  Even better, change the default 3306 port to something else.  Disable remote login as root and set a new user in MySQL that is only accepted from the IP of your webserver (which should be on the same network).  Then only grant it privilege for the sugar database it needs.  Dont give that user full access.  

    Also set the SQL server firewall to only accept SSH connections from the IP you choose, or even better, disable SSH entirely and require a KVM to it or at the very least, dont leave it at port 22.  If you must leave SSH open, use a local ip or jump box of some sort.  This prevents file system access where an attacker could just download the MySQL folders locally and brute force it offsite.  

    This does 2 things.  It hides your SQL server from the public and only allows Sugars web server to talk to it from a specific IP and ONLY to the table that holds sugar data. That keeps it out of the users table etc. There's not much need in my opinion to enrypt the SQL data after that.  Sugar's web server at that point should be the only vulnerability point and if Sugar is vulnerable, well, there's not a ton you can do about that except stay on the most recent version.

  • Just remember, your security is only as strong as the weakest link.  If someone can get on your web server then they can get to you DB server no matter where it is or how hardened it is.  It might be that obfuscation would be more helpful than encryption at the web server.

  • Good point Ken. This statement is off topic but Elasticsearch would be easier pickings if someone got shelled in.

Reply Children