Availability and Redundancy Security Reflection - samuel-richardson/Sam-Tech-Journal GitHub Wiki

Problem 1: The Galera cluster is still prone to corruption

Solution:

Although the galera cluster is redundant, should bad data be written to it, a database may fail. The solution to this would be to create a backup system such that regular DB backups are made and stored in high-integrity formats.

Problem 2: Communication between the DBs is not encrypted

Solution:

Implement a CA and certs and configure the Galera cluster to make communications over encrypted TLS. This would prevent the viewing of information and prevent a rouge DB from joining the cluster without proper certs.

Problem 3: The web apps are not synced, and not all data is stored in the DB.

Solution:

Look into a way to automate the delivery of web app code and configuration to web servers and move local file storage of the web servers to a separate DB or to remote file server to ensure that they are the same.