Database security is always critical. After all, DBs usually house some pretty important information (just ask TJX customers). Experts have noticed a growing trend, however, of internal threats against your environment.
The crazy part? IT pros are to blame – not that they are doing it intentionally.
I spoke recently with Andy Feit from Sentrigo about the latest edition of their database security product, Hedgehog 3.0. He said that the effort to make databases more accessible has in turn made them vulnerable to hackers and internal threats. Increased accessibility means that admins can easily go in and make changes to valuable data. So the question is – who can you trust?
Many organizations focus primarily on securing the perimeter while unknowingly exposing their databases to those on the inside. And that’s really the crux of the issue. After all, admins on the inside NEED database access. So how can you find the right balance of accessibility and security?
Right now, the best way is to monitor database activity with third-party products. For example, the Hedgehog tool can be configured to not only monitor and log all database activity (something that needs to be done for compliance reasons), but also flag specific events, terminate potentially malicious acts and even quarantine the users responsible.
Hedgehog was originally designed for Oracle DBs but has since branched out to Microsoft SQL Server and other systems. Feit said that while Oracle databases are traditionally more susceptible to hackers, every DBMS has its flaws. In the case of SQL Server, attacks are usually not carried out specifically to gain access, but rather to lay the groundwork for a backdoor that can be taken advantage of later.
Naturally, there are plenty of other database security products out there. Have you had success using any particular third-party tools? Or even better (depending on how you look at it), has your organization faced any breaches despite these products? Sound off below.