According to the 2016 IBM Cyber Security Intelligence Index, 60% of database attacks originate from insiders. This may sound like a troubling statistic, considering most companies rely on their employees to be faithful and work within the law, but an insider threat does not necessarily mean that an attack is coming from someone within an organization. Outsiders using stolen data are classified as insiders as well.
How, then, can an enterprise protect their database information? After all, the credentials provided by the perpetrator are legitimate. Steve Hunt, writer of industry insight for GCN, posted a list of five of the best practices companies can undertake in order to avoid ruin:
- Continuously discover the entire database infrastructure. Agencies often underestimate just how many active databases they possess. Unknown databases generally run using default credentials that attackers can easily take advantage of. Automated database discovery is a crucial investment for avoiding this.
- Implement privileged session management. A privileged session manager (PSM) allows users to connect to systems without exposing private password information. The PSM also records session activity, ensuring that any changes made are easily tracked and monitored.
- Enforce least-privilege access. Employees gain more responsibilities the longer they're with a company. This senior privilege should also apply to database permissions. New employees should not be given full access and even senior roles should only be given exactly the access they require for their positions. The less exposure a database is given, even for the most trusted users, the safer it will be.
- Enforce strong passwords. Your employees don't use weak passwords for their email accounts, so why should they use them when dealing with your company's most sensitive data? It may seem like an obvious preventative measure, but it bears repeating: use strong passwords!
- Implement advanced compromised credential identification. Authorized individuals use databases in a predictable and recurrent way. When an unauthorized user is accessing your database, it is very clear based solely on their movements within the system. Automated machine learning-based security appliances can catch an unwanted user in their tracks based solely on algorithm analysis, preventing a massive data breach.
We have more tools now than ever before to prevent disastrous database breach. Using these five measures will give you the peace of mind your company needs.
For a more extensive understanding of how to protect your database, download this free white paper: Six Ways to Ensure Your Database Is Not a Security Vulnerability