Plato is a cloud service that connects to your database over the internet. We also offer a self-hosted version of Plato that runs on your own servers or inside your VPC, which you can get by contacting [email protected].
If your database powers a production application or contains sensitive data, we strongly recommend running it behind a firewall that limits connectivity to known network addresses. To connect Plato, you can then whitelist our IP address, 34.82.67.27.
Please see How to connect a database for more details.
We strongly recommend you encrypt traffic between Plato and your database by configuring Plato to connect over an SSL connection.
For additional security, you may choose to authenticate Plato’s database user with an SSL client certificate. SSL certificates provide additional security on top of username/password auth, because they cannot be phished, guessed, or socially engineered. To authenticate with an SSL certificate, your database must first be configured to accept SSL as a client authentication mechanism.
Please see How to connect a database for more details.
Plato never stores your row data. All queries run by Plato are executed against your live database.
When you connect a database, Plato does encrypt and store your access credentials.
While Plato is a convenient tool for making manual updates to your database, it is often wise to configure your database or individual tables to be read-only. Plato offers two different ways to do this.
We strongly recommend provisioning a new user to connect Plato to your database. To ensure no user in your workspace ever uses Plato to write to your database, you may choose to configure this user to have read-only access.
Plato lets you secure your data with a simple locking feature that marks data as read-only. You can lock data at the database, table, and column levels.