Relational Database Security

The most common ways that relational database security can be compromised is through user privilege abuse, weak authentication, weak auditing, and weak backup strategies.  Some key considerations for addressing these potentials for compromises are as follows.

User Privilege Abuse

User privileges control which resources (e.g., assets, applications, data, devices, files, networks, systems) a user can access and what actions a user can perform on those resources.

Too often, unrestricted or excessive user privileges are broadly assigned to groups, roles, and individuals to simplify the user management process and ensure users can do their job without triggering security alerts or being blocked from necessary assets.

As a result, the security of the database can be compromised if a user with unrestricted or excessive privileges:

  • Makes unauthorized changes to the database, including adding, modifying, or deleting data.
  • Views confidential or sensitive data — including intellectual property, code, legal data, and employee and customer personal information — even though it’s not required for their job.
  • Falsifies alert investigations by viewing, modifying, or deleting audit logs.

Addressing the potential for user privilege abuse involves both prevention and detection strategies. Suggested strategies include the following.

Prevention

  • Implement strong user rights management.
  • Enforce separation of duties.
  • Consider restricting access to sensitive data by putting the database on a server located on a private network, with multilevel access controls implemented at the operating system, network, server, database, table, and/or row level.

Note: Implementing multilevel access controls requires discovering where your database is located, what data is stored within the database, and then classifying that data by type, sensitivity, and value/risk level. It will also require creating granular, rather than broad-stroke user privilege profiles.

Detection

Weak Authentication

Database security can be compromised by weak or ineffective password policies, shared user accounts, poor encryption of and/or theft of user login credentials, and circumventing access controls by allowing direct access to the DBMS/RDMS.

Addressing weak authentication issues involves both prevention and detection strategies. Suggested strategies include the following.

Prevention

  • Reconfigure application systems (e.g., PeopleSoft and SAP) so they cannot directly connect to the database, since authentication is based on the application’s credentials instead of the user’s credentials. As a result, both the operating system and database are unaware of the user’s identity and cannot enforce access controls or trace actions to a specific user.
  • Disable an application system’s generic user accounts and default blank passwords. Instead, create new user profiles/accounts with a different name.
  • Disable expired passwords and recycled passwords.
  • Implement password complexity and aging features into the DBMS/RDMS.
  • Mask passwords.
  • Authenticate both the user and device used to access the database (especially bring-your-own devices).
  • Create a behavioral baseline profile or ‘whitelist’ of typical patterns of access to databases, based on functional unit and role, and then spotlight the riskiest users, client hosts, and servers so security teams can prioritize investigation of any anomalies.

Detection

  • Create alerts for and then investigate failed login attempts and account lockouts.
  • Audit data objects whenever an object is accessed.
  • Audit all commands written by users with direct access to data.

Weak Auditing

Too often, audits are viewed as complex and time-consuming. As a result, organizations may not implement a strong audit plan. But industry-specific and regulatory mandates require audits to determine compliance. And audits help ensure timely investigation of and response to anomalies.

Suggested strategies to improve auditing include the following.

Prevention

  • Define which transactions need to be audited, such as failed logons, shared accounts, and login attempts with non-existent user names, at unusual hours, or with different usernames but the same device.
  • Conduct frequent privileged user monitoring, including audits of all commands entered by a DBA or other privileged user.
  • Run frequent sensitive data access audits
  • Enforce separation of duties so that users with unrestricted user privileges cannot modify or delete audit logs.
  • Ensure DBA does not have superuser/unrestricted privileges.

Detection

  • Create alerts for anomalies in audit logs, but be aware of alert fatigue.

Weak Backup Strategies

Database security can be compromised by incomplete or failed backups, theft or improper storage of unencrypted backup media.

In addition, database transactions are recorded in a transaction log written to the database and a separate file. If the database is corrupted, then the transaction log is also corrupted. That creates data integrity and recovery problems.

Some strategies to strengthen backups include the following.

Prevention

  • Define a backup and recovery strategy appropriate for your organization.
  • Update the transaction log within the minimum recovery interval.
  • Backup the transaction log before it’s truncated.
  • Encrypt the backup log file.
  • Copy backups to a separate server, in near real time.
  • Ensure strong access controls (both physical and virtual) for the location where backup media are stored.

Detection

  • Conduct health checks, such as BACKUP VALIDATE and RESTORE VALIDATE, to check for possible corruptions.

Learn how Imperva solutions can support relational database security.

You might be interested in:

User Rights Management

User rights management is a security feature controlling which resources (e.g., assets, applications, data, devices, files, networks, systems)…

Learn More

Data Discovery

Data discovery is a process for identifying and providing visibility into the location, volume, and context of structured…

Learn More
Live Chat Agents Unavailable