Can I encrypt MySQL at the Schema / DB level?

[Benjamin Taub]

We have developed a data matching application where each user can upload their data and use the features we provide. While it will change in the future, we are currently built on MySQL. Note that each user's tables are structured differently (i.e. I couldn't put all user data into one, super long table).

We currently store each user's data in a schema dedicated to that user but all schemas are in the same DB. The only way users can get to their data is through our application and it uses one user & password to access all schemas in the DB.

As we get more folks testing our system, I am starting to think more deeply about security. One thing I'm considering is dedicating a unique UID / PW for each application user and giving that UID access only to that user's schema. In addition, I would like to encrypt each user's data using a key specific to that user (it's been suggested to me that this protects data should a bug in our application accidentally give a user access to some other user's schema).

So, my question is this: can I encrypt a Google Cloud MySQL DB at the schema level and, if so, how? If not, is the only option to create a separate instance for each user? 

Thanks!

Ben

[Aref Amiri (Cloud Platform Support)]

I could not find any documentation that Cloud SQL supports encryption at the schema level, however, you can implement column level Client-side encryption which is encrypting data before writing it to Cloud SQL.