Solutions to corporate database security range from encryption strategies and patches to stricter access policies to auditing and monitoring database access.
In Brief: Eighty-three percent of U.S. organizations believe they have taken significant measures to secure their databases. However, in the years surrounding those survey results, more than 100 million records containing sensitive, personal information were breached. Clearly, large corporate databases are not as secure as their executives think, threatening not only their customers' privacy and safety, but their own corporate secrets and company longevity.
Corporate database security is a two-part problem because new threats and vulnerabilities continue to develop, making it difficult for database administrators and security managers to keep up. The other part is that every company's security issues are different, making it nearly impossible to standardize solutions.
To try to circumvent those issues, this study examines the five most common threats and six most prevalent vulnerabilities large corporate databases face, and then gives viable security solutions for combating each of them.
|Database Threats||Security Solutions|
|1. Unauthorized access by insiders||Access Policies|
|2. "Brute Force" attacks||Firewall|
|3. Incorrect usage||Vulnerability Assessment|
|4. Stolen laptops||Encryption|
|5. Personal hardware collection||Auditing and Monitoring|
Figure 1—Five most common database threats and potential security solutions
In a typical corporation, roughly 1000 devices require some form of security. But unlike a home, where a burglar has two options for entry―windows and doors―a corporate environment potentially leaves open nearly a dozen. And that includes threats from the inside, as well, like disgruntled employees, forgetful users who misplace sensitive data or passwords, or even dishonest employees who sell corporate information.
The most common of these active attacks include 1) Unauthorized access by insiders, 2) "Brute Force" attacks―deliberate acts against a corporate database, 3) Incorrect usage, 4) Stolen laptops, and 5) Personal hardware collection.
However, more passive dangers that simply leave databases exposed to security breaches can do an equal amount of harm and include such vulnerability scenarios as 1) Data-at-rest (unencrypted information), 2) Sensitive data, 3) Poor application architecture, 4) Password vulnerability, 5) Unlocked database, and 6) Vendor bugs.
Companies can take immediate steps to secure their databases by following eleven solutions outlined in the paper, from encryption strategies and patches to stricter access policies to auditing and monitoring database access.
Research Paper Author: Ryan Nichols—2007 AIM Graduate, Project Leader Systems Database Administrator, HBO
Abstract: Databases are being compromised today at an alarming rate (Britt 2007). This content analysis study provides database administrators and security managers with an inventory of five common threats to and six common vulnerabilities of databases of large corporations when more than 1000 devices require security management (Whitman and Mattord 2004), aligning these threats with potential security solutions. As noted by Vizard (2007), while companies are becoming adept at fighting data breaches, attacks are gaining in sophistication.