Security and Privacy

Overview

Crystal DBA is designed from the ground up with security and privacy in mind. We know that your database likely contains sensitive data, and we take seriously our responsibility to help you protect it and keep it secure.

Security advice

Providing advice on how to secure your database is a core feature of Crystal DBA. See the user guide for information and examples of how to take advantage of these features.

Secure architecture

You can use Crystal DBA in various configurations. While the details of the mechanism vary, some principles hold across all configurations:

  • Data stays in the database. You can configure Crystal DBA with a database role that has limited privileges. This allows Crystal DBA to read configuration information, schema information, and performance metrics from the database, while preventing it from reading the actual content of the tables in the database. The Crystal DBA monitoring agent never reads the actual content of the tables in the database, and we take care to ensure that logs are scrubbed of any sensitive information.
  • Read-only access. Crystal DBA never writes to your database. For extra assurance, we recommend that you create a read-only role for Crystal DBA to use.

These are the additional security considerations for each of the deployment models:

Individual deployment model

In this configuration, the Crystal DBA CLI tool connects to your database using the credentials you provide, and it never transmits these credentials to the cloud service. You should ensure that the connection between the CLI tool and the backend database is secured. You may do this by using a VPN, an SSH tunnel, a TLS-encrypted database connection, or other means.

The connection between the CLI tool and the backend database is encrypted. Each request is signed using HTTP message signatures and a unique key pair that is generated for each CLI installation.

The Crystal DBA CLI tool is available as open source.

Team deployment model

In this configuration, the Crystal DBA installation has an additional component: a collector agent that runs in your environment. This collector agent transmits data continually to the cloud service. The collector runs within your environment, and you will typically configure the agent to connect to your database in a way similar to the way your application connects to the database. You create a PostgreSQL role for the collector that has limited privileges. We recommend adhering to the principle of least privilege and configuring its role to deny access to database table content. The collector only needs access to schema information and system performance metrics. The collector also includes filtering code to remove PII from query strings, logs, and table statistics.
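One way to set up the limited-privilege, read-only PostgreSQL role described here and under "Secure architecture", with a query to audit it. This is an added example, not Crystal DBA's own setup script: the role name `crystal_monitor` and the password are placeholders, and the use of the built-in `pg_monitor` role (PostgreSQL 10 and later) is an assumption about how you grant access to settings and statistics.

```sql
-- Hypothetical role name and placeholder password; substitute your own.
CREATE ROLE crystal_monitor
  LOGIN PASSWORD 'REPLACE_WITH_GENERATED_SECRET'
  NOSUPERUSER NOCREATEDB NOCREATEROLE NOREPLICATION NOBYPASSRLS;

-- Assumption: pg_monitor supplies the configuration and performance data.
-- It covers pg_settings and the pg_stat_* views. It includes
-- pg_read_all_stats, so the role can see other sessions' query text in
-- pg_stat_activity; literals embedded in SQL are visible there.
GRANT pg_monitor TO crystal_monitor;

-- Schema information comes from pg_catalog, which every role can read.
-- No GRANT SELECT on application tables is issued anywhere in this script.

-- Defence in depth: sessions for this role start read-only. A session can
-- still change this setting, so the absence of write grants is the control.
ALTER ROLE crystal_monitor SET default_transaction_read_only = on;

-- Audit: list every user relation the role can read or modify, including
-- access inherited through PUBLIC or role membership.
-- Expected result for a correctly restricted role: zero rows.
SELECT n.nspname AS schema_name,
       c.relname AS relation_name,
       c.relkind
FROM pg_class AS c
JOIN pg_namespace AS n ON n.oid = c.relnamespace
WHERE c.relkind IN ('r', 'p', 'v', 'm', 'f')
  AND n.nspname NOT IN ('pg_catalog', 'information_schema')
  AND n.nspname NOT LIKE 'pg_toast%'
  AND has_table_privilege(
        'crystal_monitor', c.oid,
        'SELECT, INSERT, UPDATE, DELETE, TRUNCATE')
ORDER BY 1, 2;
```

Run the audit query in each database the role can connect to, and again after schema migrations, since grants to `PUBLIC` or changes to default privileges can widen access later.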

The collector also connects to the cloud provider APIs. You create an IAM role or service account with the necessary permissions to pull relevant logs and events from your cloud environment. This is a read-only role that supports observability, but does not grant privileges for updating the system configuration or accessing database content.

The collector agent is available as open source.

Custom deployment model

The custom deployment model inherits all of the benefits of the deployment models discussed above, but allows you to tailor the specifics to conform to your organization’s specific security, compliance, and governance policies.

Depending on your requirements, we can provide dedicated virtual servers within the Crystal DBA cloud environment, a dedicated cloud account, or an installation within your existing cloud account or VPC, i.e., Bring Your Own Cloud (BYOC). Crystal DBA is also compatible with on-premises and air-gapped deployments.

AI security and privacy

AI evokes security and privacy considerations that deserve special attention. AI systems depend on training data, which introduces the risk that information used during training could be exposed when a model is later used.

In both individual and team deployments, Crystal DBA uses APIs from commercial LLM providers such as OpenAI and Anthropic. We work only with providers who guarantee that API data will not be used for model training.

As described in the Customer Terms and Conditions, Crystal DBA cloud collects usage data, including and Database Metadata. We will only use this data for training if you opt in to help us improve our models, and in that case only after transforming it to ensure it is scrubbed of identifiable information and otherwise suitably anonymized. We never use Customer Data, the content of your database, for training.

AI safety

Crystal DBA should be your trusted advisor, and we are committed to earning your trust. Databases are the backbone of the infrastructure for many organizations, so it’s critical that following advice from Crystal DBA never causes issues.

AI safety has many aspects, ranging from enabling bad actors, to making biased decisions, to existential risks. In the context of Crystal DBA, what matters most is that our product makes good recommendations. We take the Hippocratic oath as a governing principle, training our models to prioritize avoiding harm. Together with a robust and safety-oriented approach to development and testing, this helps ensure that Crystal DBA is a reliable product that does what it is supposed to do.

Contacting us

To report any security concerns, please contact security@crystaldba.ai.