Don’t Forget to Lock the Backdoor to the Database
83% of security and audit professionals polled in a survey revealed that their databases were not adequately protected.
Join the DZone community and get the full member experience.
Join For FreeData security stays in the headlines as the number of security breaches continue to grow. As security software gets better, hackers are becoming even more sophisticated with increased ability to destroy networks and steal sensitive data and information.
It’s no wonder that over 83% of security and audit professionals polled in a survey revealed that their databases were not adequately protected. A large percentage of these professionals are understand the threats of human error and insider abuse as they see security breaches coming from privileged IT staff and not from outside threats.
The documented costs of these security issues is in the millions, however, this same survey showed that most IT pros have no idea of how much their security (or lack of) is actually costing them.
It’s clear that your database must be protected from within as well as from without.
One of the greatest documented challenges to the database is human error from within. The other is abuse of user privileges. With the number of threats growing it is not enough to detect and prevent unauthorized access to data in a database. Your organization must have the ability to prevent unauthorized changes to the database structure and the data it contains. It is essential to have the ability to trace the changes being made not only by what the change is but by who has made the change.
You need to know: Who did what to your database, where and when they did it and why it was done.
This is where our DevOps for database solution comes in. It prevents unauthorized changes to the database with our Enhanced Security features.
TeamWork:
- Prevents unauthorized changes to your database
- Grants appropriate access permissions to each organizational role
- Ensures that access and changes to database are performed by those with authorization
- Eliminates any unsuspected surprises in production
- Without this type of protection, anyone with access to the database through the user account; including, Developers, QA users and DBAs, can change any database object, at any time, and in any environment.
This is without a doubt a major security breach, and explains why over 83% of DBAs believe their databases are lacking in protection measures.
Published at DZone with permission of Yaniv Yehuda, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.
Comments