Is your data safe from cyber threats? In today’s world, the answer to this question can never be an unquestioned “Yes.”
Risks abound for data. But there are better and worse ways to handle this reality. While cybersecurity in general is meant to protect data from malicious actors, it is wise to do as much as possible to protect data at one of its main sources—the database itself.
The high cost of data breaches makes proactive database security a must for cybersecurity operations. Database security entails tools, processes, controls, and tasks that protect databases from internal and external threats. The goal is always to uphold the “CIA Triad” of confidentiality, integrity, and availability of sensitive data. Database security spans physical infrastructure, operating systems, applications, and database platforms. It also includes backup and recovery processes, because backing up data is the last line of defense when defending against a data breach.
Database security is highly recommended for an organization that wants to protect its data from breach. This should mean every organization, but if you are concerned about the high cost of handling a breach ($4.55 million according to IBM), you will want to do as much as you can to protect your data where it lives.
The key components of database security include a variety of controls and countermeasures that exist elsewhere in the IT estate, but which are applied specifically to a database:
Authentication: Making sure that any user with access to a database is who they say they are
Authorization: Checking that a user is authorized to access the data they want to see
Encryption: Protecting the contents of the database from unauthorized access by making it impossible to read
Auditing: Checking on the efficacy of controls and countermeasures while reviewing access logs and related data feeds to spot anomalies and suspicious user activity
Backup and recovery: Keeping copies of database contents in separate locations, including the cloud, for the purpose of restoring the data if it is modified or deleted by an attacker or user error
Just about any external cyber threat can be a threat against a database. A phishing attack, for instance, could allow a hacker to impersonate a database administrator. An email-borne malware attack could compromise an endpoint or application, giving unauthorized access to a database in the process. Internally, there can be known vulnerabilities in the database software, as well as “zero day” vulnerabilities.
Attacks lower in the technology stack also put databases at risk. If a system’s BIOS firmware is not patched, for example, an attacker can take over a database server and wreak havoc on its data without anyone even being aware that an attack is in progress. Unpatched operating systems and database software present comparable risks.
Database threats can also be internal. These include malicious insiders, but also unintentional acts that result in data breaches. For example, a software developer might clone a database and put it in a dev environment, where it lacks access controls and hardening. Thus exposed, the database is at risk of breach.
As a result of these threats, database security should involve regular security risk assessments. The specifics of such an assessment will vary based on the scale and complexity of your database environments, as well as on the availability of resources. But the goals and general practices remain the same, regardless of scope. For example:
Check access permissions: Who can access the database? Checking access permissions can be a big task in a large organization. Using role-based access control (RBAC) can simplify the process, e.g., all members of a certain department can access the database, but no one else can.
Check levels of access privilege: Not all users should have the same level of access privilege. Some users may require “read only” access, while administrative users can modify data or the structure of the database itself.
Review authentication processes: How are users authenticated? If multi-factor authentication (MFA) is a policy, for example, is it applied to the database?
Review patching policies and procedures: It is highly recommended to have rigorous processes for keeping database software up to date, as lapses in patch management can expose a database to risk.
Review database security policies: It is a good idea to do a general review of security policies. Is your database configured to encrypt data at rest? Is encryption policy being enforced? Are policies being enforced consistently across all database instances? Are “dev” copies of a database also adequately protected? Are backed-up databases encrypted and subject to access controls? These are examples of where a risk assessment can reveal serious deficiencies that require remediation.
Penetration testing (pentesting): Pentesting involves hiring ethical “white hat” hackers to attack your databases and see if they can break in. You’ll probably be stunned to see what it’s possible for them to access.
Proactive searching for threats: As demonstrated by Rubrik’s threat hunting solutions, the process involves scanning assets for threat signatures. You might have malware lurking in your database environment, waiting to activate and breach your data. If you can discover it early, you’ll save yourself a lot of pain and aggravation.
Over the years, security teams and their partners in IT operations have developed an effective set of database security best practices. Some of these are common sense extensions of general cybersecurity best practices, applied to databases, e.g., strong access controls, strong passwords, password rotation, patch management, and so forth.
However, some best practices are specific to databases. For example:
Separate database servers from web servers: The two server types are not the same when it comes to security. Each requires its own distinct hardening processes. By separating the two servers, you reduce the risk that a hacker will be able to compromise a database server if they penetrate the web server.
Conduct continuous data discovery: You may think you know where all your data is, but you might be surprised. Between backups, dev and test instances, and shadow IT projects, you may discover data in places you don’t expect. You can’t protect what you can’t see.
Conduct regular audits: Things change quickly in a dynamic database environment. It’s wise to audit database logs and relevant security controls.
Monitor database activity: Threats can manifest in anomalous database activity, e.g., excessive data exporting requests at odd hours. You can catch attacks early by continuously monitoring database activity.
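As an added illustration of the monitoring practice above (example code written for this article, not a Rubrik product feature), the following script scans constructed database audit log lines and flags accounts whose export volume outside business hours is suspicious. The log format, the hour window, the thresholds and the batch-account allow-list are all assumptions to be tuned to a real environment.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample audit log (not from any real system); one event per line:
# "<ISO timestamp> <user> <action> rows=<n>"
AUDIT_LOG = """\
2024-03-04T09:15:02 alice SELECT rows=120
2024-03-04T10:42:11 alice EXPORT rows=5000
2024-03-04T14:03:45 bob SELECT rows=30
2024-03-04T23:48:09 bob EXPORT rows=250000
2024-03-05T02:10:31 bob EXPORT rows=310000
2024-03-05T03:05:17 svc_report EXPORT rows=800000
2024-03-05T11:20:00 carol EXPORT rows=900
2024-03-05T20:30:00 carol EXPORT rows=20000
"""

BUSINESS_HOURS = range(8, 19)           # 08:00-18:59 counts as in-hours (assumed)
OFF_HOURS_ROW_LIMIT = 100_000           # absolute ceiling; tune per environment
OFF_HOURS_RATIO = 10                    # off-hours volume vs. the user's own in-hours volume
KNOWN_BATCH_ACCOUNTS = {"svc_report"}   # scheduled jobs expected to export at night

def parse_line(line):
    """Split one audit line into (timestamp, user, action, row_count)."""
    ts, user, action, rows = line.split()
    return datetime.fromisoformat(ts), user, action, int(rows.split("=", 1)[1])

def off_hours_export_alerts(log_text, limit=OFF_HOURS_ROW_LIMIT, ratio=OFF_HOURS_RATIO):
    """Return {user: (off_hours_rows, reason)} for accounts whose EXPORT volume
    outside business hours is suspicious, ignoring allow-listed batch accounts."""
    in_hours = defaultdict(int)
    off_hours = defaultdict(int)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, user, action, rows = parse_line(line)
        if action != "EXPORT" or user in KNOWN_BATCH_ACCOUNTS:
            continue
        bucket = in_hours if ts.hour in BUSINESS_HOURS else off_hours
        bucket[user] += rows
    alerts = {}
    for user, rows in off_hours.items():
        if rows > limit:
            alerts[user] = (rows, "exceeds absolute off-hours limit")
        elif in_hours[user] and rows > ratio * in_hours[user]:
            alerts[user] = (rows, "far above user's own in-hours export volume")
    return alerts

if __name__ == "__main__":
    for user, (rows, reason) in off_hours_export_alerts(AUDIT_LOG).items():
        print(f"ALERT {user}: {rows} rows exported off-hours ({reason})")
```

With the sample data, bob trips the absolute limit and carol trips the per-user ratio, while the allow-listed batch account and daytime exports produce no alert.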
Even after you assess your database risk and apply database security best practices, you still may experience a breach. When all else fails, the right data protection solution can help you fully recover the data contained in your databases.
Database backup and recovery should be viewed as part of the database security mix, even if it’s not a control or countermeasure per se. Reliable backup is essential for data integrity and availability. What makes for a good database backup solution?
Support for zero trust architecture that spans cloud and on-premises databases: No one should be allowed to access a database by default. Rather, by verifying users and working under the rule of least privilege, it becomes possible to keep databases safe and readily available.
Rapid, flexible recovery: A database backup tool should enable admins to recover entire databases or just the data that’s needed, and do it quickly. Rubrik can deliver on aggressive recovery time objectives (RTOs). Speed matters when responding to a cyber attack. The faster the recovery, the better off everyone will be, especially if the breach affects customer-facing applications.
Global policy-driven automation: It is time to move past relying on multiple legacy backup solutions for databases. Instead, an effective database backup solution gives admins the tools to automate backup and restore functions based on globally applied policies, enabling efficient backup management across the entire multi-database environment.
Incremental-forever backups: After an initial full backup, subsequent backups capture only the data that has changed, with parallelization keeping backup windows short and live mounting making that data rapidly available.
Ransomware mitigation: Database backup today must consider the threat and impact of ransomware. A good solution will mitigate the impact of ransomware attacks, such as by creating immutable, air-gapped backups—which cannot be modified or deleted in any way. They are thus impervious to ransomware’s attempts at encryption.
Database security continues to evolve along with IT and compliance rules. The future of database security will likely involve adapting to new privacy laws, which require the implementation of controls, auditing, and mandatory reporting.
Database security is also poised to change as IT deployment patterns change. The growth of edge computing, for example, will place production databases in many far-flung locations, rather than on centralized on-premises or cloud-based platforms. Database security will have to adapt to this change.
Databases are at risk. They are a prime target for malicious actors who want to steal, damage, or encrypt your data. Overall cybersecurity controls and countermeasures help defend your databases, but to do the utmost to protect your valuable, sensitive data, you should implement database security measures. These run the gamut from encryption and database-specific access controls to separation of database servers from web servers, and more. Data protection also has an important role to play, ensuring that data will be available quickly in the event of a breach.
Rubrik offers distinctive value in this context. Our solutions help keep databases secure and available. We automate database protection and simplify what can be a complex workload. Our immutable, air-gapped backups resist ransomware attacks, while our backups enable ultra-fast database recovery. You can recover what you need, when you need it. Collectively, these capabilities make it possible to mitigate much of the database security risk.