How to use MyDiamo with WordPress
This post shows how to install and operate MyDiamo when working with blogging platform “WordPress” on databases such as “MySQL” or “MariaDB“. Now, we will assume that an attack has occurred on a blog in order to show how to prevent various attacks by using MyDiamo with WordPress.
Many attackers and insiders attempt to obtain the root account by SQL injection or cross site scripting. They attempt to acquire the root account so that they are able to access the sensitive data from the server. However, even if the root data is encrypted with MyDiamo, if the attackers have gain privilege for decryption, there is no use in securing the data. If the attackers obtain the root account, encryption will be meaningless. They will decrypt the secured data and all sensitive information would be in their hands.
To combat this problem, MyDiamo provides a solution. By giving the decryption privileges to another account, the root account is only able to encrypt the data. In our example case, we will give the decryption privilege to the “wordpress” account.
You can see that the encryption privilege is given to the root account and the decryption privilege is given to the “wordpress” account.
Since the root doesn’t have decryption privileges, the attackers also cannot access to the secured data even if they gain access to the root account.
Then how do we decrypt the data when we need the raw data? We decrypt it with the “wordpress” account.
MyDiamo with WordPress is essential for securing data when working with your WordPress blog, or even managing a business website.
With column-level encryption, MyDiamo gives efficiency to users as you no longer need to encrypt the whole file. Only sensitive data can be masked. In addition MyDiamo can give encryption and decryption privileges to separate accounts. This can be safer for securing sensitive data, because even if the attacker gets their hands on the root account, the data cannot be decrypted.