LAN / MySQL Security Tips

We a question recently about securing your local MySQL database, so here are my suggestions. We cannot assist with any local networking requirements for your facility, and if you have concerns we suggest you contact a local IT professional.

* Your RGP workstations need access to the MySQL server within your local area network (LAN). Thus you need to make sure port 3306 is open within the software firewall for your MySQL server. This is only a requirement for your server computer and you absolutely do not want your hardware/router firewall to expose your MySQL server to the outside internet!
* If your customers have access to a WIFI network within your facility, they absolutely should be on a separate network than your MySQL server. You can split your single internet into two WIFI networks easily.
* It is imperative that your entire facility's LAN and WIFI networks be secure from outside threats. You can accomplish this by having security in place on your internet router and/or installing a quality hardware fireall.
* We highly recommend ESET antivirus be running on all your computers. It's inexpensive, reliable, and not a resource hog like the other virus software.
* The offsite RGP backup happens via standard "outbound" web requests, and nothing special needs to be in place for this to operate. Some antivirus software complain about MySQL, in which case you either need to switch to ESET or add an exception in your antivirus for MySQL. Your offsite backup is secured on our servers by your private encryption key.

Hope this helps!
Andy