Hi
I wonder if someone could explain to me what our level of exposure might be if we were to use a MySQL database (hosted on a shared cPanel server, so we can't enable SSL)?
Currently we use Microsoft SQL on-premise but I'm looking at how we can decommission the on-premise setup. Currently the database is encrypted with a master password, and we use AD Integrated logins. There are 4 technicians using RDM Enterprise only.
My concerns with MySQL would mainly surround:
Is there anything else we might have missed?
Thanks
Hi,
First, let's start with MySQL and AD integration. AD Integrated is supported with MS SQL and Devolutions Server only. I know that a module exists to integrate MySQL with AD; sadly, we don't support it.
Then, having the data on a dedicated infrastructure is more secure than having them on a shared infrastructure. I personally don't like the idea of having my company passwords on a shared server.
Sure, the data are encrypted in the database, but you can't guarantee that someone isn't taking a copy of the database or creating a user in the same database.
Now about the concerns:
1. Databases can be encrypted with the "Security providers" feature; this will encrypt sensitive information. The database itself isn't fully encrypted: some information, such as the entry name, is stored in clear text.
The procedure to implement the security provider can be followed at https://help.remotedesktopmanager.com/administration_securityproviders.html?q=security+providers
2. Using MySQL without SSL encryption isn't recommended. I found in the MySQL documentation (https://dev.mysql.com/doc/refman/5.7/en/encrypted-connections.html) this text, which perfectly explains the reason why:
"With an unencrypted connection between the MySQL client and the server, someone with access to the network could watch all your traffic and inspect the data being sent or received between client and server."
MySQL doesn't explain in this text what kind of traffic can be listened to, but we know that the authentication process isn't the best when SSL isn't enabled.
3. For this concern, the security provider will be required to decrypt the database information. So if you only have a database login, you won't be able to see sensitive information in the database. As explained in point 1, some fields in the database aren't encrypted. I recommend that you browse a staging database configured the way you are looking for, and confirm that you accept the risk of having that information in cleartext.
4. We don't support SQL to MySQL migration. The schema used in the SQL database isn't completely identical to MySQL's schema. To migrate the database, you have to export and import the database using the export and import options in RDM: https://help.remotedesktopmanager.com/file_export.html?q=export.
These steps are needed for the shared vault and each private vault. So each user will have to perform an export and import.
All the security configurations (users, roles, and groups) will need to be recreated.
Also, during my research, I found an amazing article about MySQL's communication. In this article, we can read a paragraph that fairly explains how important SSL is with MySQL:
"Despite the added improvements, do not feel complacent about the security of the new protocol. It is still recommended to block access to the MySQL port on the firewall, and if this is not possible, require the clients to use SSL."
The article link is https://www.oreilly.com/library/view/understanding-mysql-internals/0596009577/ch04.html
That said, with the number of users you have, other options could be a great alternative. If you want MySQL, using a dedicated AWS infrastructure keeps security and privacy at a high level of confidence.
Another option is to use a SaaS service on Azure for hosting an MS SQL database.
Otherwise, you can look at Devolutions Password Hub, which can be a great SaaS solution for up to 15 users (https://password.devolutions.net/fr).
I hope this answers the questions well. Feel free to ask for further explanation if something isn't clear.
David Grandolfo
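As an added example (not from this thread, and not Devolutions' or MySQL's own documentation), here is how a DBA who controls the MySQL server would enforce TLS and how any client, including one on a shared host, can verify whether its session is actually encrypted. The account name, database name and password are placeholders; the server-side statements assume MySQL 5.7.8+ (8.0 for SET PERSIST) with ssl_ca/ssl_cert/ssl_key already configured.

```sql
-- Server side: refuse every connection that does not negotiate TLS.
-- On MySQL 8.0 this persists across restarts; on 5.7 put
-- require_secure_transport=ON in the [mysqld] section of my.cnf instead.
SET PERSIST require_secure_transport = ON;

-- Per-account enforcement: even if the global setting is later turned off,
-- this account can never authenticate over a cleartext connection.
-- 'rdm_app', 'rdm' and the password are placeholders for this example.
CREATE USER 'rdm_app'@'%' IDENTIFIED BY '<strong-placeholder-password>' REQUIRE SSL;
GRANT SELECT, INSERT, UPDATE, DELETE ON rdm.* TO 'rdm_app'@'%';

-- Audit: list accounts that are still allowed to connect without TLS
-- (an empty ssl_type means no requirement was set on the account).
SELECT user, host, ssl_type
FROM mysql.user
WHERE ssl_type = '';

-- Client side check, run from the same connection the application uses
-- (e.g. the RDM data source, or the mysql CLI started with --ssl-mode=REQUIRED).
-- An empty Ssl_cipher value means this session is in cleartext and the
-- credentials and data are observable by anyone on the network path.
SHOW SESSION STATUS LIKE 'Ssl_cipher';
SHOW SESSION STATUS LIKE 'Ssl_version';
```

On a shared cPanel host where TLS cannot be enabled, only the last two SHOW statements apply, and an empty Ssl_cipher simply confirms the exposure described in the quoted MySQL documentation.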