Database security refers to the collective measures used to protect and secure a database or database management software from illegitimate use and malicious threats and attacks.
It is a broad term that includes a multitude of processes, tools and methodologies that ensure security within a database environment.
Database security covers and enforces security on all aspects and components of databases. This includes:
- Data stored in database
- Database server
- Database management system (DBMS)
- Other database workflow applications
Database security is generally planned, implemented and maintained by a database administrator and or other information security professional.
The Importance of a Database
Databases often hold the backbone of an organization.
Its the transactions, customers, employee info, financial data for both the company and its customers, and much more. are all held in databases, often left to the power of a database administrator with no security training.
Database security and integrity are essential aspects of an organization’s security posture.
What is Wrong with Nowadays Database Security?
The sad truth of it is that an organization can spend lots of time, money, and manpower trying to secure its’ online assets, yet one weak spot and the database can go down.
In Verizon’s 2009 Data Breach Investigation Report, they found that while when PoS system breaches see an average of 6% of records compromised, and 19% when the application server is compromised, database breaches see an average of 75% of the organization’s records compromised in an attack.
So it should be of no surprise that company databases are a highly sought-after prize for hackers. For just a glimpse of the damage, hackers have done to a database, this great visualization offers a taste of the number of records stolen from databases through security breaches.
How to Ensure Database Security?
Physically. In the traditional sense, this means keeping your database server in a secure, locked environment with access controls in place to keep unauthorized people out. But it also means keeping the database on a separate physical machine, removed from the machines running application or web servers.
Software-wise, with Firewalls and Web-apps. Your database server should be protected from database security threats by a firewall, which denies access to traffic by default. The only traffic allowed through should come from specific application or web servers that need to access the data.
The firewall should also protect your database from initiating outbound connections unless there is a specific need to do so.In addition to protecting the database with a firewall, you should also deploy a web application firewall. That’s because attacks such as SQL injection attacks directed at a web application can be used to exfiltrate or delete data from the database.
Encryption. It is standard procedure in many organizations to encrypt stored data, but it’s important to ensure that backup data is also encrypted and stored separately from the decryption keys.
As well as encrypting data at rest, it’s also important to ensure confidential data is encrypted in motion over your network to protect against database security threats.
The Most Common Ways to Impinge a Database
The risks involved with databases vary from organization to organization, depending on the type of information and the amount of importance it holds for the company itself.
While credit card and social security numbers are certainly dangerous, so are company plans, finances, sensitive employee info. In short — most of the databases active in company directories are in some way important to company activity.
SQL Injections are one of the biggest threats to databases, much like web apps. They can be launched on either the database or the web app that acts as a front-end to the database, yet due to the prevalence of SQL injection flaws in web apps and how easy they are to exploit, they’re more common than attacking the database.
Buffer Overflow vulnerabilities, the most common security problem for databases, occur when a program tries to copy too much data in a memory buffer, causing the buffer to ‘overflow’ and overwriting the data currently in memory. Buffer overflow vulnerabilities pose an especially dangerous threat to databases holding particularly sensitive info, as it could allow an attacker exploiting the vulnerability to set unknown values to known values or mess with the program’s logic.
Distributed Denial of Service or DDoS attacks happen most through buffer overflows, data corruption or other kinds of consumption of the server’s resources. DDoS attacks crash the server, making the database unreachable for however long the attack can be sustained.
Conclusion
Security is an important issue in database management because information stored in a database is very valuable and many time, very sensitive commodity. So the data in a database management system need to be protected from abuse and should be protected from unauthorized access and updates.
