DocsSecurity and Privacy

Security and Privacy

Overview

AutoDBA is designed from the ground up with security and privacy in mind. We know that your database likely contains sensitive data, and we take seriously our responsibility to help you protect it and keep it secure.

Security advice

Providing advice on how to secure your database is a core feature of AutoDBA. See the user guide for information and examples of how to take advantage of these features.

Secure architecture

You can use AutoDBA in various configurations. While the details of the mechanism vary, some principles hold across all configurations:

  • Data stays in the database. AutoDBA will read configuration information, schema information, and performance metrics from the database. However it does not read the actual content of the tables in the database. We also take care to ensure that logs are scrubbed of any sensitive information.
  • Read-only access. AutoDBA never writes to your database. We recommend that you create a read-only role for AutoDBA to use.

These are the additional security considerations for each of the deployment models:

Standalone Deployments

In this configuration, AutoDBA is fully contained on the machine on which it is installed. This could be a laptop or a cloud server. In any case, it is up to you to ensure that the machine is secure. AutoDBA will connect to the database using whatever credentials you have configured. It enforces the use of encryption for any connections that traverse the network.

Cloud Deployments

In this configuration, AutoDBA has two components: a collector agent that runs in your environment and a cloud service operated by CrystalDB. The collector runs within your environment, and you will typically configure the agent to connect to your database in a way similar to the way your application connects to the database. You create a PostgreSQL role for the collector that has limited privileges. We recommend adhering to the principle of least privilege and configuring its role to deny access to database table content. The collector only needs access to schema information and system performance metrics. The collector also includes filtering code to remove PII from query strings, logs, and table statistics.

The collector also connects to the cloud provider APIs. You create an IAM role or service account with the necessary permissions to pull relevant logs and events from your cloud environment. This is a read-only role that supports observability, but does not grant privileges for updating the system configuration or accessing database content.

The collector agent is available as open source.

Custom Deployments

The custom deployment model inherits all of the benefits of the cloud deployment model discussed above, but allows you to tailor the deployment to conform to your organization’s specific security, compliance, and governance policies.

Custom deployments are architecturally identical to the cloud deployment, but allow more flexibility in how the cloud service components are deployed.

For example, we can provide enterprise customers with dedicated virtual servers within the CrystalDB cloud environment. We can also support Bring Your Own Cloud (BYOC) deployments where the agent runs in a cloud account that you provide. When needed, we can support on-premises deployments as well.

AI security and privacy

AI raises security and privacy considerations that deserve special attention. AI systems depend on training data, which introduces the risk that information used during training could be exposed when a model is later used.

In the standalone deployments of AutoDBA, models run locally, so no third parties ever gain access to information about your database.

In cloud deployments, CrystalDB uses APIs from commercial LLM providers such as OpenAI and Anthropic. We work only with providers who guarantee that API data will not be used for model training.

As described in the Customer Terms and Conditions, CrystalDB cloud collects usage data, including and Database Metadata, which may be used for improving the performance of our products. Such data never contains Customer Data, which is the content of the database itself.

AI safety

AutoDBA should be your to be your trusted advisor, and CrystalDB is committed to earning your trust. Databases are the backbone of the infrastructure for many organizations, so it’s critical that following advice from AutoDBA never causes issues.

AI safety has many aspects, ranging from enabling bad actors, to making biased decisions, to existential risks. In the context of AutoDBA, what matters most is that our product makes good recommendations. We take the Hippocratic oath as a governing principle, training our models to prioritize avoiding harm. Together with a robust and safety-oriented approach to development and testing, helps ensure that AutoDBA is a reliable product that does what it is supposed to do.

Contacting us

To report any security concerns, please contact security@crystaldb.cloud.