6. Secure MySQL Database Server

We set up a MySQL database server which is only accessible through valid username and password authentication. Users can be given certain permissions so that they can only access the data which is theirs and they are supposed to have access to. There is a root account which will be limited in use and has access to all databases. This ensures that any changes to the database are done by valid users who are supposed to be able to change that data. In addition, since we enabled OSSEC protection with MySQL, any authentication issues or other MySQL problems should be logged in OSSEC as well.