11 Database Security Practices and Disaster Prevention Tips

Technical Tips
2022-06-20

Knowing the proper configuration, maintenance, and cyber security essentials is a must when working with databases. Fail to do so, you will get to experience first-hand what a forensics database examiner has to deal with when helping an organization find out how their databases got hacked.

Although experience certainly is the mother of wisdom, there is no need for you to learn from your own mistakes in this case – these can be quite costly.

To give you an illustration, the most infamous hacks from the recent decade or so had a disastrous outcome in many areas, resulting in:

  • Litigation
  • Loss of trust
  • Regulatory fines

Infamous database hacks from the past

In these infamous database incidents and hacks, high-profile companies were involved. This includes:

  • CelebGate (2014 hack that involved phishing and brute force attacks)
  • Yahoo (2013 breach that affected millions of accounts)
  • LinkedIn (2021 breach that affected 700 million users)
  • NetEase (2015 hack that exposed 234 million user accounts)
  • Adobe (2013 hack that exposed 153 million user records)
  • MySpace (2013 breach that involved 360 million user accounts)

As you can see, no one is completely safe from database attacks, not even some of the most prestigious companies that have the resources and budget to hire the world’s top IT security professionals.

Therefore, vigilance is key whether you’re a small business, a large enterprise, or any other type of organization.

By indicating all the above cases, we’re going to dive into the list of database security measures to figure out, why is to prevent malicious actors from obtaining unauthorized access to your database, implementing the following database security measures is a must.

1. Provide proxy access through HTTPS

SSL and Https

Unauthorized access is one of the internet threats you want to keep out of your databases. One way to accomplish this is to provide proxy access through HTTPS, which is one of the measures to keep unauthorized third-party access at bay.

If the database contains sensitive personal information such as credit card data, passwords, and similar, you shouldn’t think twice about implementing this. At the same time, connecting through a proxy server also has a side benefit of encrypting all the traffic that passes through it, thus making it harder to intercept and listen in on it.

2. Utilize real-time monitoring

Radar

In the world of network and information security, the fact is that you can never be 100% certain that your database has not been hacked, even by having a cyber security expert on the team. Therefore, regularly checking in on the situation by using industry-grade digital forensics tools like DBF for traces of illegal activity is something to work into your routine (don’t forget DBF also has a free trial so you can get familiar with it without spending a dime).

In essence, the idea is to be able to react as soon as you notice that something isn’t quite right. Database forensics tools like DBF provide an easy access to logs from where you can figure out what IP was connected to the database at what time and what action was executed.

If you’re not sure how it looks to have a database fall under attack, consider hiring white-hat penetration testing services and the check the logs. What you will notice is a clear pattern of repeated login attempts and it’s just one example of what to look for.

3. Install a firewall

Security

A firewall grants you the necessary cyber security protection you need to keep malicious connections out. Think of it like an extra layer of defense.

Even if you’ve got everything else taken care of, installing a firewall can make all the difference for the better.

There are three types of network firewalls you should be aware of:

  • Proxy server firewall
  • Stateful packet inspection
  • Packet filter firewall

Each of them serves a unique purpose and has its own optimal configuration instructions, so make sure to do your diligence beforehand. Also, since new cyber security threats and methods of attack are emerging all the time, it’s essential to update your firewall on a regular basis.

4. Make regular backups

Data Backup

The importance of making regular backups is like a gospel in computer security, so you’ve probably heard it a million times. Nevertheless, try to work it into your information security routine and allocate some time to it despite having a busy schedule. At the end of the day, having a backup to restore your database can mean the difference between saving your data and losing access to it forever.

Don’t think merely in terms of a malicious actor deleting your data – sometimes, databases get corrupted due to a bug or a poorly coded feature. In the unfortunate event of this happening, the good news is that not all is lost.

You can either restore your database to a working state from one of the backups you’ve made previously or take advantage of advanced digital forensics tools such as DBF by SalvationDATA. Whether the database is relational or non-relational, it will help you restore deleted, corrupted, or fragmented files even if you don’t have a background in IT.

5. Update your software regularly

Loading

When it comes to IT security, keeping your software up-to-date is truly an ace up your sleeve. The reason being is that security vulnerabilities get discovered all the time. At some point, this becomes public knowledge, free for malicious actors to weaponize against those who don’t take the time to apply the updates that get released to address the issue. Don’t be one of them!

And yes, this means ALL software you’re using, including plugins. Updating the operating system alone isn’t going to cut it! During the process, you may discover there’s a plugin or a piece of software you haven’t used for quite a long time. In case you do, it’s time to ask yourself whether you truly believe you’re going to need it again in the foreseeable future. And if the answer is “no”, it’s probably best to purge it just to keep on the safe side. For all you know, its developers might have stopped releasing updates for it altogether, leaving it rife with vulnerabilities for hackers to exploit.

6. Devise strong passwords

Star

This cannot possibly be emphasized enough: coming up with strong passwords is the main line of defense against anyone who’s trying to brute force their way into a database so it’s important to have this form of cyber protection in place. So many forensics database crime cases revolve around having to chase down a criminal who used this rather uninventive type of cyber attack to steal important data from a database that was poorly guarded against it.

According to Verizon, a compromised password plays a role in 80% of cyber security breaches. This speaks volumes about how people are inclined to neglect proper password creation practices and gravitate towards convenience. Examples include devising passwords that are simple to remember or reusing their passwords across different accounts, both of which are a big no-no in terms of cyber safety and security.

Good password practices

So what does a strong database password look like? You can pretty much get creative with it, as long as:

  • It’s fairly long (16 characters or more)
  • It contains numbers, capitalized letters, and special characters
  • It’s not easily guessable (forget about home addresses or your pet’s name)
  • You haven’t used it anywhere else
  • You store it in a safe place (don’t write it down in plain text and use a password manager instead)

This should be more than enough to get your creative juices flowing and it’s considered an essential good cyber hygiene practice.

7. Make use of multi-factor authentication

account & verify

When it comes to keeping your database safe, having a strong password is a good start. But what happens if an unauthorized third party gets a hold of it regardless? Well, if you’ve taken the time to set up multi-factor authentication, a hacker would also need direct physical access to another one of your smart devices such as your smartphone.

In essence, here’s how it works: apart from having to enter the correct login credentials to get access to the account, that person would also need to enter a separate randomly generated code that gets sent to the rightful owner’s device. Failing to do that would result in a denial of access even if the password was correct.

Although the method is by no means bulletproof, in the vast majority of cases, it’s a safety net that is strong and reliable enough to prevent a major disaster of someone trying to break in.

8. Store data on separate servers

Server

Just as the old saying goes, you should never store all your eggs in one basket, and the same logic applies to database security. If you’ve been paying attention, you also know that each of these separate databases should be protected by a unique password.

At the very least, you should store sensitive information such as login credentials and credit card numbers separately and have stronger security measures in place for that database server. Apart from all the other tips we shared on the subject, one extra step would be to only allow connections from a specific predetermined IP (which is the one that belongs to the administrator) and automatically deny all others.

9. Encrypt your data

Data Encrypted

Keeping your database encrypted is one of the essential database security practices. After all, it probably contains trade secrets and other sensitive information. In practice, this means that even if a cyber criminal somehow manages to bypass all the other defenses you’ve put into place, they still won’t be able to access the data that’s stored inside.

10. Avoid the default network ports

Data Transition

Since this is the first thing a hacker will try, using the default network ports as the main way to access a database is a bad idea. Typically, this would be through TVP and UDP protocols, both of which are configured to let traffic through the default network ports – you should reconfigure this.

Did you know a lot of database forensics cases involve hackers brute-forcing their way through these? And it’s a rather common occurrence too. Since this would introduce finding the right ports for the hacker to get through, many will get deterred from even trying due to the extra effort it would take.

11. Don't forget physical database security

Credit Card

As a final nugget of wisdom, don’t forget that databases are hosted on physical hardware. So unless you’re letting a hosting company look after yours and you’re running an in-house database server, physical database security becomes a very important information security measure to take.

Ask yourself who can access the premises to potentially do damage to it or steal data right from underneath your nose. Assign server access on a per-need basis only and watch out for malicious insiders. When no one’s around, make sure the room where your database is located is locked and keep track of who has the key.

Conclusion

A substantial portion of database security comes down to you, your knowledge, and your willingness to implement the cyber security defenses necessary to keep malicious actors at bay.

In the unfortunate event of a breach, you can count on forensics database specialists to do their work and track down the perpetrators, but if at all possible, focusing on preventative measures is your best bet to keep your databases safe.

  • Leave a Reply

    Please rate

    Tell us about your experience

  • Leave a Reply

    Please rate

    Tell us about your experience