We have developed a data matching application where each user can upload their data and the apply the features we provide to identify when the same entities exist in those files. While it will change in the future, we are currently built on MySQL. Each user has their own tables based on their own data. Thus, each user has a different number of tables and most have structures unique to that user (i.e. I couldn't put all user data into one, super long table).
We currently store each user's data in a schema dedicated to that user but all of these schemas are in one, common DB. The only way users can get to their data is through our application. It uses one user & password to access all schemas in the DB.
As we get more folks testing our system, I am starting to think more deeply about security. One thing I'm considering is dedicating a unique UID / PW for each application user and giving that UID access only to that user's schema. In addition, I would like to encrypt each user's data using a key specific to that user (it's been suggested to me that this protects data should a bug in our application accidentally give a user access to some other user's schema).
So, my question is this: can I encrypt a Google Cloud MySQL DB at the schema level and, if so, how? If not, is the only option to create a separate instance for each user?
Thanks! Ben
