Database Security

Database security refers to DBMS features and other related measures that comply with
the organization’s security requirements. From the DBA’s point of view, security
measures should be implemented to protect the database against loss, corruption, or
mismanagement. In short, the DBA should secure the DBMS from the point of
installation through operation and maintenance.

To protect the DBMS against service degradation (Low quality service), some security
safeguards are recommended. For example:

• Change default system passwords.

• Change default installation paths.

• Apply the latest patches (software or OS updates that address security

vulnerabilities).

• Secure installation folders with proper access rights.

• Make sure that only required services are running.

• Set up auditing logs.

• Set up session logging.

• Require session encryption.

Furthermore, the DBA should work closely with the network administrator to implement
network security that protects the DBMS and all services running on the network. In
modern organizations, one of the most critical components in the information
architecture is the network.

Protecting the data in the database is a function of authorization management.

Authorization management defines procedures to protect and guarantee database
security and integrity. Those procedures include the following:

• User access management. This function is designed to limit access to the

database; it likely includes at least the following procedures:

 Define each user to the database. The DBA performs this function at the
operating system level and the DBMS level. At the operating system level, the
DBA can request the creation of a unique user ID for each end user who logs on
 to the computer system. At the DBMS level, the DBA can either create a different
user ID or employ the same one to authorize the end user to access the DBMS.
 Assign passwords to each user. The DBA also performs this function at both the
operating system and DBMS levels. The database passwords can be assigned
with predetermined expiration dates, which enable the DBA to screen end users
periodically and remind them to change their passwords, thus making
unauthorized access less likely.
 Define user groups. Classifying users into groups according to common access
needs can help the DBA control and manage the access privileges of individual
users. Also, the DBA can use database roles and resource limits to minimize the
impact of rogue users in the system. (See Section 15.9.6 for more information
about these topics.)
 Assign access privileges. The DBA assigns access privileges to specific users to
access certain databases. Access rights may be limited to read-only, or the
authorized access might include read, write, and delete privileges. Access
privileges in relational databases are assigned through SQL GRANT and REVOKE
commands.
 Control physical access. Physical security can prevent unauthorized users from
directly accessing the DBMS installation and facilities. Common physical security
for large database installations includes secured entrances, password-protected
workstations, electronic personnel badges, closed-circuit video, voice recognition,
and biometric technology.

• View definition. The DBA must define data views to protect and control the
scope of the data that are accessible to an authorized user. The DBMS must provide
tools that allow the definition of views composed of one or more tables, and must
assign access rights to users. The SQL CREATE VIEW command is used in relational
databases to define views. Oracle DBMS offers Virtual Private Database (VPD), which
allows the DBA to create customized views of the data for different users. With this
feature, the DBA could restrict regular users who query a payroll database to see only
the necessary rows and columns, while department managers would see only the rows
and columns related to their departments.

• DBMS access control. Database access can be controlled by placing limits on the
use of DBMS query and reporting tools. The DBA must make sure the tools are used
properly and only by authorized personnel.

• DBMS usage monitoring. The DBA must also audit the use of data in the
database. Several DBMS packages contain features that allow the creation of an audit
log, which automatically records a brief description of database operations performed
by all users. Such audit trails enable the DBA to pinpoint access violations. The audit
trails can be tailored to record all database accesses or just failed ones.

The integrity of a database could be lost because of external factors beyond the DBA’s
control. For example, the database might be damaged or destroyed by an explosion, a
fire, or an earthquake. Whatever the reason, the specter of database corruption or
destruction makes backup and recovery procedures crucial to any DBA.

How to Secure Database?

One reality of managing large organizations involves collecting massive amounts of

sensitive data that is stored and managed in databases. This makes databases a prime
target for cyber attacks.

1. Separate database servers and web servers

In the traditional sense, this means keeping your database server in a secure, locked
environment with access controls in place to keep unauthorized people out. But it also
means keeping the database on a separate physical machine, removed from the
machines running application or web servers.

A web server is more likely to be attacked since it is located in a DMZ and therefore
publicly accessible. And if a web server is compromised and the database server runs
on the same machine, the attacker would have access as a root user to your database
and data.

2. Use web application and database firewalls

Your database server should be protected from database security threats by a firewall,
which denies access to traffic by default. The only traffic allowed through should come
from specific applications or web servers that need to access the data. The firewall
should also protect your database from initiating outbound connections unless there is a
specific need to do so.

In addition to protecting the database with a firewall, you should also deploy a web
application firewall. That’s because attacks such as SQL injection attacks directed at a
web application can be used to exfiltrate or delete data from the database. A database
firewall won’t necessarily prevent this from happening if the SQL injection attack comes
from an application that is an allowed source of traffic, but a web application firewall
may. For more on SQL injection attacks, see How to Prevent SQL Injection Attacks.
 3. Secure database user access

You should aim for the least number of people possible to have access to the database.
Administrators should have only the bare minimum privileges they need to do their job,
and only during periods while they need access. For smaller organizations, this may not
be practical, but at the very least permissions should be managed using groups or roles
rather than granted directly.

If yours is a larger organization, you should consider automating access management

using access management software. This can provide authorized users with a
temporary password with the privileges they require each time they need to access a
database. It also logs the activities carried out during that period and prevents
administrators from sharing passwords. While admins may find sharing passwords
convenient, doing so makes proper database security and accountability almost
impossible.

On top of this, it is wise to ensure standard account security procedures are followed:

 Strong passwords should be enforced

 Password hashes should be stored encrypted and salted
 Accounts should be locked after three or four login attempts
 A procedure should be put in place to ensure that accounts are deactivated when
staff leave or move to different roles

4. Regularly update your operating system and patches

It’s important to regularly update your operating system and database software with all
security patches installed to protect against the most recently discovered vulnerabilities.
You should also ensure that all database security controls provided by the database are
enabled (most are enabled by default) unless there is a specific reason for any to be
disabled. This is particularly important for databases connected to a large number of
third-party applications that each requires their own patches.

5. Audit and continuously monitor database activity

This includes monitoring logins (and attempted logins) to the operating system and
database and reviewing logs regularly to detect anomalous activity. You can also create
alerts to notify relevant team members when potentially malicious activity is identified.

Effective monitoring should allow you to spot when an account has been compromised,
when an employee is carrying out suspicious activities or when your database is under
attack. It should also help you determine if users are sharing accounts, and alert you if
accounts are created without your permission (for example, by a hacker).

Database activity monitoring (DAM) software can help with this by providing monitoring
that is independent of native database logging and audit functions; it can also help
monitor administrator activity.

6. Test your database security

After you’ve constructed your database security infrastructure, you should put it up
against a real attack. Hacking or auditing your own database will put you in the mindset
of an attacker and help you find vulnerabilities you may have missed. To ensure the
test is comprehensive enough, there are third-party services and white hat hackers that
specialize in penetration testing you can hire to do the job for you.

7. Encrypt data and backups

It is standard procedure in many organizations to encrypt stored data. However, it’s

equally important to encrypt data-in-transit as well.

You should also regularly backup your database and ensure that any backups are
encrypted and stored separately from the decryption keys. For example, you should not
store encrypted backups alongside description keys in plaintext. Regularly backing up
your system not only protects against hackers but other failures as well, such as
problems with physical hardware.