Source database security

Choose minimum privileges for Delphix DB user

The Delphix Engine requires a DB user (delphix_db) on your source databases. This account is necessary to detect the state of the source and stay in sync. Do not give unnecessary privileges to this user. Leverage the script provided by Delphix in the hostchecker bundle to create a user with the minimum required privileges. The DB user (e.g., delphix_db, which is the example used on this page) account can have the same or different user name on each of your source databases.

Protect the Delphix DB user password

Because the delphix_db user has access to sensitive data dictionary information, take steps to protect access to this account.

Use database encryption functionality to encrypt sensitive data at rest

Database vendors provide tools to encrypt data at rest. This encrypts data on disk in order to provide protection at rest. Use the database encryption on your source databases to encrypt sensitive or all data. Delphix integrates seamlessly with database encryption to provide protection at rest.

Choose encrypt and compress when linking

Delphix provides encryption capabilities when linking against your source databases. Encrypting while linking can lead to higher CPU utilization and higher throughput. This overhead can be reduced by selecting both the Compress and Encrypt options, in order to compress the data before it is encrypted. Train your Delphix Administrators to choose both options.