Data Security - 3
gu.edu.eg
• Auditing should work even if the network is
encrypted. Databases must provide robust and
comprehensive auditing that includes information
about the data, the client from where the request is
being made, the details of the operation and the
SQL statement itself.
• Securing databases in the cloud: Cloud database
deployments can reduce costs, free up staff for more
important work, and support a more agile and
responsive IT organization. But those benefits can
come with additional risk, including an extended
network perimeter, expanded threat surface with an
unknowable administrative group, and shared
infrastructure.
• However, by employing the proper database security
best practices, the cloud can provide better security
than most organizations have on-premises, all while
reducing costs and improving agility.
What is Database Security?
Database security done poorly will harm operations
efficiency, application performance, and user
experience. Security must be balanced against
operations needs with the goal of reducing risk to an
acceptable level while maintaining usability.
Database security best practices and controls apply
specifically to databases. However, databases do not
exist in pure isolation, so organizations must also
defend the broader ecosystem. To be adequately
defended, effective database security also requires
the implementation of more general security best
practices applied to related systems.
Database Security Best Practices
1. Separate Database Servers
By definition, web servers must be publicly accessible
to be used, but this also makes web servers a
primary target for attack. A successful attack may
grant an attacker access to the host server for the
website or application, which allows the attacker to
access anything else hosted on that server. Hosting the
database on a separate server keeps it out of that reach.
2. Use Database Firewalls
Databases only become useful if accessed, but that access
must be protected. The first layer of defense comes from
database-specific firewalls that deny access by default. The
only traffic allowed through the firewall should come from
specific applications, web servers, or users that need to
access the data, and without a specific need, the firewall
should deny the database from initiating outbound
connections.
Direct access to the database should be limited or
denied if the use case allows it. Firewall rule changes
must be controlled by change management procedures
and trigger alerts for security monitoring.
Organizations can deploy specialized database tools that
include special firewalls, such as the Oracle Audit Vault
and Database Firewall, a dedicated physical or virtual
next-generation firewall (NGFW), or web application
firewall (WAF) solutions. Organizations with more
limited resources may simply deploy a hardened version
of the database server's operating system firewall.
3. Secure Database User Access
The least possible number of users, applications, and
application programming interfaces (APIs) should
access the database.
Any access should be granted only after network or
application authorization and, even then, all access
should be based on the principle of least privilege and
granted for the least time possible. This best practice
can be broken down into three sub-categories: user
authorization, privileged access, and development and
operations (DevOps) use of databases.
Administrators also need to harden the
database access rules:
• Null passwords should not be allowed
• Temporary installation files that may contain
passwords should be deleted
• Default accounts should be deleted if not needed;
otherwise, their passwords should be changed from the defaults
• Require unique IDs for all users for tracking and
logging
• Users and applications should use separate
accounts
• Inactive users should be disabled or deleted on a
schedule
• Elevated database privileges should be logged,
reported, and potentially generate security alerts
• User groups and access rights should be reviewed
on a periodic basis
• Accounts should automatically lock after a number
of failed logins, usually recommended as six failed
login attempts
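The access rules above can be checked mechanically against an account inventory. The following is an added example, not part of the original slides; the inventory, its field names, the default account names, and the 90-day inactivity limit are assumptions made for illustration.

```python
from datetime import date, timedelta

MAX_IDLE = timedelta(days=90)   # assumed schedule for disabling inactive users
LOCKOUT_THRESHOLD = 6           # failed logins before lock, as in the list above
DEFAULT_NAMES = {"admin", "guest", "test"}  # assumed default account names

# Constructed inventory; the field names are assumptions, not a real DBMS catalog.
ACCOUNTS = [
    {"name": "admin", "password_set": True, "default_password": True,
     "principals": ["dave"], "last_login": date(2024, 5, 30),
     "failed_logins": 0, "locked": False},
    {"name": "report", "password_set": False, "default_password": False,
     "principals": ["alice", "billing-app"], "last_login": date(2024, 5, 28),
     "failed_logins": 0, "locked": False},
    {"name": "bob", "password_set": True, "default_password": False,
     "principals": ["bob"], "last_login": date(2023, 11, 2),
     "failed_logins": 7, "locked": False},
    {"name": "carol", "password_set": True, "default_password": False,
     "principals": ["carol"], "last_login": date(2024, 5, 31),
     "failed_logins": 1, "locked": False},
]

def audit_account(acct, today):
    """Return the hardening rules from the list above that this account breaks."""
    findings = []
    if not acct["password_set"]:
        findings.append("null password")
    if acct["name"] in DEFAULT_NAMES and acct["default_password"]:
        findings.append("default account still has default password")
    if len(acct["principals"]) > 1:
        findings.append("account shared by several users or applications")
    if not acct["locked"]:
        if today - acct["last_login"] > MAX_IDLE:
            findings.append("inactive but not disabled")
        if acct["failed_logins"] >= LOCKOUT_THRESHOLD:
            findings.append("failed-login threshold reached but not locked")
    return findings

def audit(accounts, today=date(2024, 6, 1)):
    """Map account name -> findings, omitting compliant accounts."""
    report = {}
    for acct in accounts:
        findings = audit_account(acct, today)
        if findings:
            report[acct["name"]] = findings
    return report

if __name__ == "__main__":
    for name, findings in audit(ACCOUNTS).items():
        print(f"{name}: {'; '.join(findings)}")
```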
Privileged Access
Admins should have only the bare minimum
privileges needed to perform required tasks, and
only for the duration they specifically need access.
Privileged access should be granted temporarily and
revoked continuously. Larger organizations
automate access management using privileged
access management (PAM) software. PAM provides
authorized users with a temporary password, logs
activities, and prevents sharing passwords.
DevOps Database Use
Although not typically considered users, DevOps teams
need to create test environments to verify that
applications can access and use databases correctly.
Unfortunately, using live or production database data
often leads to accidental data leaks.
To avoid issues, DevOps should use the following
practices:
• Sensitive data should be limited to the production
environment
• Test environments should be physically and logically
separated from production environments
• Test environments should use different roles and
permissions from production environments
• Developers should not get access to production
environments unless absolutely necessary
• Test environments should never contain real
production data; synthetic or anonymized datasets
should be used instead
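One way to produce a dataset for a test environment without copying real values is keyed pseudonymization, shown here as an added example that is not part of the original slides. The column names, sample rows, and the choice of HMAC-SHA256 are assumptions; the key is generated for each export and stays out of the test environment.

```python
import hashlib
import hmac
import secrets

SENSITIVE = {"name", "email", "national_id"}  # assumed sensitive columns

# Constructed rows standing in for a production table (not real data).
PRODUCTION_ROWS = [
    {"order": 1, "name": "Mona Adel", "email": "mona@example.com",
     "national_id": "00000000000001", "plan": "gold"},
    {"order": 2, "name": "Omar Said", "email": "omar@example.com",
     "national_id": "00000000000002", "plan": "basic"},
    {"order": 3, "name": "Mona Adel", "email": "mona@example.com",
     "national_id": "00000000000001", "plan": "gold"},
]

def pseudonymize(column, value, key):
    """Replace a value with a keyed token; equal inputs give equal tokens."""
    msg = f"{column}\x00{value}".encode()
    token = hmac.new(key, msg, hashlib.sha256).hexdigest()[:16]
    if column == "email":
        return f"{token}@test.invalid"  # keeps an email-shaped value
    return f"{column}_{token}"

def build_test_rows(rows, key):
    """Copy rows for a test environment with sensitive columns replaced."""
    return [
        {col: pseudonymize(col, val, key) if col in SENSITIVE else val
         for col, val in row.items()}
        for row in rows
    ]

def leaked_values(production, test_rows):
    """Return any sensitive production value that still appears in test_rows."""
    secrets_seen = {str(r[c]) for r in production for c in SENSITIVE if c in r}
    return sorted({str(v) for r in test_rows for v in r.values()
                   if str(v) in secrets_seen})

if __name__ == "__main__":
    key = secrets.token_bytes(32)  # generated per export, never copied to test
    test_rows = build_test_rows(PRODUCTION_ROWS, key)
    assert leaked_values(PRODUCTION_ROWS, test_rows) == []
    print(test_rows[0])
```

Because equal inputs map to equal tokens, joins across tables still work in the test copy. Columns left unmasked (here `plan`) should be reviewed separately, since combinations of them can still identify a person.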