How the MPC-SQL database security layer works: proxy architecture, mathematical shredding, split-brain storage, supported databases, and deployment.
Happy CISO sits as a transparent MPC-SQL proxy between your application and your database. Queries pass through unchanged; protected columns are encrypted on the way in and decrypted on the way out. Your schemas, ORMs, and application code stay exactly as they are.
Your application connects to Happy CISO exactly as it would connect to the database—same drivers, same connection strings, same queries.
The proxy intercepts queries in-flight, applies selective column-level encryption to protected fields, and mathematically shreds sensitive values into fragments.
Fragments are distributed across separated domains (split-brain storage). The database itself only ever holds ciphertext for protected columns—it stays blind to plaintext PII.
Sensitive values are shredded into fragments that reveal nothing on their own. No single fragment—and no single fragment holder—can reconstruct the original data.
Encryption and decryption happen on the wire, transparently. Reads and writes to protected columns work as normal from the application's point of view.
Fragments live in separated domains, so no single system or administrator ever holds enough material to recover plaintext—including your own DBAs.
You choose exactly which columns to protect—PII, credentials, financial fields—while the rest of the database runs at full native speed.
Happy CISO deploys in front of the storage engines you already run—relational, document, cache, and warehouse.
Deployment is a connection-string change, not a migration project. Point your application at the Happy CISO proxy, declare the columns to protect, and plaintext disappears from your storage tier—at rest and in transit.
Route your application's database connection through the MPC-SQL proxy
Select the sensitive columns to protect—PII, credentials, financial data
New writes are shredded and encrypted transparently; existing data can be migrated in place
Confirm your database holds no plaintext for protected columns—there is nothing left to breach