If MySQL is on a different machine, you need to encrypt or otherwise make sure people can't sniff the data as it's going between machines.