Scribd
Upload
142 views

Database Security

Uploaded by

unzilaabdulrauf
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
142 views

Database Security

Uploaded by

unzilaabdulrauf
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 22

Database

Security
Agenda
Data administration and database
administration

3
Data administration

4
Data administration tasks

5
Database administration

6
Database administration tasks

7
Comparison of data and database
administration

8
Database security includes a variety of
measures used to secure database management
systems from malicious cyber-attacks and
illegitimate use.
What is
Database
Database security programs are designed to
protect not only the data within the database,
but also the data management system itself, and
Security? every application that accesses it, from misuse,
damage, and intrusion.
Database security encompasses tools,
processes, and methodologies which establish
security inside a database environment.
• Many software vulnerabilities, misconfigurations, or patterns of misuse
or carelessness could result in breaches. Here are a number of the
most known causes and types of database security cyber threats.

Database • Insider Threats


Security sources, each of which has privileged means of entry to the database:
• An insider threat is a security risk from one of the following three

Threats • A malicious insider with ill-intent

• A negligent person within the organization who exposes the database to attack
through careless actions

• An outsider who obtains credentials through social engineering or other methods, or


gains access to the database’s credentials

• An insider threat is one of the most typical causes of database security


breaches and it often occurs because a lot of employees have been
granted privileged user access.
• Weak passwords, password sharing, accidental erasure or corruption of
data, and other undesirable user behaviors are still the cause of almost
half of data breaches reported.
Database
Security • Attackers constantly attempt to isolate and target vulnerabilities in
Threats • New vulnerabilities are discovered daily, and all open-source database
software, and database management software is a highly valuable target.

management platforms and commercial database software vendors


issue security patches regularly. However, if you don’t use these patches
quickly, your database might be exposed to attack.
• Even if you do apply patches on time, there is always the risk of zero-
day attacks, when attackers discover a vulnerability, but it has not yet
been discovered and patched by the database vendor.
• A database-specific threat involves the use of arbitrary non-SQL and
SQL attack strings into database queries. Typically, these are queries
created as an extension of web application forms or received via HTTP
Database requests.

Security adhere to secure coding practices, and if the organization does not
• Any database system is vulnerable to these attacks, if developers do not

Threats carry out regular vulnerability testing.

• Buffer overflow takes place when a process tries to write a large


amount of data to a fixed-length block of memory, more than it is
permitted to hold.
• Attackers might use the excess data, kept in adjacent memory
addresses, as the starting point from which to launch attacks.
• In a denial of service (DoS) attack, the cybercriminal overwhelms the target
service—in this instance the database server—using a large amount of fake
requests. The result is that the server cannot carry out genuine requests
Database from actual users, and often crashes or becomes unstable.

Security many computers, participating in a botnet controlled by the attacker.This


• In a distributed denial of service attack (DDoS), fake traffic is generated by

Threats highly scalable defensive architecture. Cloud-based DDoS protection


generates very large traffic volumes, which are difficult to stop without a

services can scale up dynamically to address very large DDoS attacks.

• Malware is software written to take advantage of vulnerabilities or to cause


harm to a database. Malware could arrive through any endpoint device
connected to the database’s network. Malware protection is important on
any endpoint, but especially so on database servers, because of their high
value and sensitivity.
• The evolving IT environment is making databases more susceptible to threats. Here
are trends that can lead to new types of attacks on databases, or may require new
defensive measures:
Database • Growing data volumes—storage, data capture, and processing is growing
Security must be highly scalable to address distant and near-future requirements.
exponentially across almost all organizations. Any data security practices, or tools

Threats especially as businesses transfer workloads to hybrid cloud or multi-cloud


• Distributed infrastructure—network environments are increasing in complexity,

architectures, making the deployment, management, and choice of security solutions


more difficult.
• Increasingly tight regulatory requirements—the worldwide regulatory
compliance landscape is growing in complexity, so following all mandates are
becoming more challenging.
• Cybersecurity skills shortage—there is a global shortage of skilled cybersecurity
professionals, and organizations are finding it difficult to fill security roles. This can
make it more difficult to defend critical infrastructure, including databases.
How Can You Secure
Your Database Server?
A database server is a
physical or virtual
machine running the
database.

Securing a database
server, also known as
“hardening”, is a
process that includes
physical security,
network security, and
secure operating system
configuration.
Securing
Database
Server
Securing
Database
Server
Securing
Database
Server
Securing
Database
Server
Securing
Database
Server
Securing
Database
Server

You might also like