Database Security
Risks of Direct Production Database Access
A large percentage (figures vary from ~60% to over 75% depending on source) of all data breaches start internally. In 2020, 61% of companies had an insider attack in the past year (1) (Bitglass, 2020).
A large number of data breaches are accidental (human error) rather than malicious. In 2020, 62% of insider incidents were caused by negligent employees or contractors. Malicious insiders accounted for only 14% (1) (Panda Security, 2020).
Poorly written queries can impact overall database performance.
Mitigation
No shared accounts
Auditing
Least Privilege
How to Protect a Database
Ensure your database configuration follows policy.
Patch for known vulnerabilities
Monitor for configuration drift
Enforce least privilege
Control privileged user access to data
Enforce separation of duties
Establish and enforce a trusted path to data
Encrypt data in motion and at rest
Protect against network sniffing attacks
Protect against data scraping attacks (e.g. ransomware)
Use native auditing capabilities to capture high-value activity
Use network-based monitoring to examine ALL activity
From: Russ Lowenthal - Oracle Customer Success Services: Optimizing database security against cyber attacks - 14-Jun-2023
Bibliography
RBAC
https://infohub.delltechnologies.com/p/database-security-methodologies-of-sql-server
Direct Production Access/Data Breaches
https://security.stackexchange.com/questions/175344/what-are-the-risks-of-allowing-business-users-direct-production-database-access
https://thenextweb.com/news/how-pixars-toy-story-2-was-deleted-twice-once-by-technology-and-again-for-its-own-good
(1) https://financesonline.com/insider-threat-statistics
Oracle
https://www.oracle.com/topics/technologies/security.html
MS-SQL
https://learn.microsoft.com/en-us/compliance/regulatory/offering-cis-benchmark
Database Threats
https://geekflare.com/database-threats-and-prevention-tools/
https://www.imperva.com/resources/free-cyber-security-testing-tools/scuba-database-vulnerability-scanner/ (Scuba)