When we give privacy or security advice, we usually talk about strong passwords, backing up your data, using security applications, keeping systems up to date, and avoiding default settings. In general, these are the most basic and essential precautions any systems manager must consider. However, depending on the system you want to protect, there are some additional issues to take into account.
Given the alarming frequency of information theft and leaks, here are five key tips for keeping databases secure, especially when they are hosted in the cloud or by third-party providers.
1. Control access to the database
My grandmother used to say “too many cooks spoil the broth” whenever all the grandchildren wanted to help her with the cooking.
It turns out that this old saying is spot on when it comes to information security: when lots of people meddle in something, the result is rarely a positive one.
THE MORE YOU LIMIT PERMISSIONS AND PRIVILEGES, THE BETTER
The same thing applies to databases: the more you limit permissions and privileges, the better.
Rigorous access control is the first step to keeping attackers away from your information. In addition to basic system permissions, you should also consider:
- Limiting access to sensitive data for both users and procedures—in other words, only authorizing certain users and procedures to make queries relating to sensitive information.
- Limiting the use of key procedures to specific users only.
- Whenever possible, avoid simultaneous use and access outside normal or office hours.
It is also a good idea to disable all services and procedures that are not in use, in order to prevent them from being attacked. In addition, whenever possible, the database should be located on a server that is not directly accessible from the internet, to avoid information being exposed to remote attackers.
2. Identify sensitive and critical data
The first step, before considering protection techniques and tools, is to analyze and identify what important information must be protected. To do so, it is important to understand the logic and architecture of the database, to make it easier to determine where and how sensitive data will be stored.
Not all of the data we store is critical or needs protection, so it makes no sense to spend time and resources on this type of information.
We also recommend keeping an inventory of the company databases, being sure to take all departments into account. The only way to effectively administrate and avoid losing information is to know about all of the company’s instances and databases and keep a record of them.
What’s more, an inventory is particularly useful when doing an information backup, to avoid leaving critical data out of the scheme.
3. Encrypt information
Once the sensitive and confidential data have been identified, it is good practice to use robust algorithms to encrypt that data.
When an attacker exploits a vulnerability and gains access to a server or system, the first thing they will try to steal is the databases. These are a valuable treasure, as they usually contain many gigabytes of valuable information; the best way to protect a database is to make it illegible to any person who accesses it without authorization.
More information can be found in our free guide encrypting corporate information.
4. Anonymize non-productive databases
Many companies invest time and resources in protecting their productive databases, but when developing a project or creating a test environment, they simply make a copy of the original database and start to use it in environments that are much less tightly controlled, thus exposing all the sensitive information.
Masking, or anonymization, is a process through which a similar version is created, maintaining the same structure as the original but modifying the sensitive data so that it remains protected. With this technique, values are changed while maintaining the format.
The data can be changed in different ways: mixing it together, encrypting it, mixing up the characters or substituting words. The specific method used and the rules and formats that need to be respected will be up to the administrator, but whatever method is used, it must ensure that the process is irreversible; that is, no amount of reverse engineering will enable anyone to obtain the original data again.
This technique is especially used – and recommended – for databases that are part of a testing and development environment, because it allows you to preserve the logical structure of the data while ensuring that sensitive client information is not available outside the production environment.
5. Monitor your database activity
Being aware of auditing and recording actions and data movement means that you know what information has been handled, when and how, and by whom. Having a complete history of transactions allows you to understand data access and modification patterns and thus avoid information leaks, control fraudulent changes and detect suspicious activity in real time.
Remember to follow these tips and be very careful when managing and protecting your databases. The information they hold is very valuable to the company and a very attractive prize for attackers, so it should definitely deserves your full attention.
written by Cecilia Pastorino, ESET We Live Security