The number of attempts to hack the security systems of companies and organizations is alarming. At the moment, the most frequently attacked organizations are in healthcare, finance, retail, government, manufacturing and energy.
Cybercrime is developing rapidly alongside new technologies, and its methods are becoming more sophisticated. As a result, even large enterprises with a reliable cyber protection system can become victims. Small businesses tend to be a little "relaxed" in this matter, erroneously believing that they are "uninteresting" to cybercriminals. However, any information and data have value and can become a "prize" for cybercriminals, regardless of which company they belong to.
According to forecasts, by 2025 cybercrime will cost the global economy 10.5 trillion dollars. This once again shows how important it is to direct attention to cybersecurity.
Database security measures differ from web security measures. Below are 10 basic methods for securing databases and protecting corporate information.
- Physical database security
Data centers and proprietary servers may be vulnerable to physical attacks from a third party or an internal source. Having gained access to a physical database server, a cybercriminal can steal data, corrupt it, or inject malware to gain remote access. Physical access lets them bypass digital security protocols, so it's worth taking extra security measures to detect this type of attack.
When choosing a hosting and storage provider, make sure that the company takes security seriously. It is worth avoiding free services, as they may lack a security system. To secure your own servers, introduce additional physical security measures: cameras, locks, security personnel. Also, to reduce the risk of unauthorized activity, access to the servers should be limited to certain users and registered.
- Separate database servers
Protecting databases from cyberattacks involves special security measures. Placing the data and the site on the same server exposes the data to attacks that target the site. For example, an online store owner keeps the website, confidential data and non-confidential data on the same server. To protect against cyberattacks and fraud, many rely on the site security provided by the hosting company and on the security features of the e-commerce platform. But this makes sensitive data much more vulnerable to attacks that come through the website and the e-commerce platform. As a result, a cybercriminal can gain access to the database.
To mitigate these risks, separate the database servers from everything else. It also makes sense to use real-time security information and event monitoring, which allows organizations to respond quickly and take immediate action when a breach is attempted.
- HTTPS server setup
A proxy server acts as an intermediary between the user and the target server. Before a request reaches the database server, the proxy evaluates requests sent from the workstation and blocks unauthorized ones. Data passed through the proxy server is also encrypted, providing an additional layer of protection. Handling sensitive data such as passwords, payment information and personal information requires setting up an HTTPS server.
- Don’t Use Default Network Ports
The TCP and UDP protocols are used when transferring data between servers, and they automatically use the default network ports. Default ports are often targeted in brute-force attacks, in which the attacker searches for a password by exhaustively trying all of its possible values. If you do not use the default ports, the cybercriminal faces a long and possibly unsuccessful search for the right key. When assigning a new port, check the Internet Assigned Numbers Authority registry to make sure the port isn't already used by others.
- Real-time database monitoring
Regularly scanning the database for hacking attempts enhances security and makes it possible to respond quickly to potential attacks. Tripwire software can be used to log all activities that occur on the database server.
Regular audits and testing should also be carried out. They allow vulnerabilities in database security to be detected and fixed in time.
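The monitoring described above can be illustrated with a small detector for bursts of failed database logins from one source. This is an added example, not code from the original article; the log layout, field names and thresholds are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines; the "timestamp result user=... src=..." layout is hypothetical.
SAMPLE_LOG = """\
2024-05-01T10:00:01 AUTH_FAIL user=admin src=203.0.113.7
2024-05-01T10:00:03 AUTH_FAIL user=admin src=203.0.113.7
2024-05-01T10:00:04 AUTH_OK user=report src=198.51.100.4
2024-05-01T10:00:05 AUTH_FAIL user=root src=203.0.113.7
2024-05-01T10:00:08 AUTH_FAIL user=dba src=203.0.113.7
2024-05-01T10:00:09 AUTH_FAIL user=admin src=203.0.113.7
2024-05-01T10:07:30 AUTH_FAIL user=report src=198.51.100.4
2024-05-01T10:30:00 AUTH_FAIL user=report src=198.51.100.4
this line is malformed and must be skipped
"""

def parse(line):
    """Return (timestamp, result, user, source_ip) or raise ValueError."""
    ts, result, user, src = line.split()
    if not (user.startswith("user=") and src.startswith("src=")):
        raise ValueError("unexpected field layout")
    return datetime.fromisoformat(ts), result, user[5:], src[4:]

def detect_bruteforce(lines, threshold=5, window=timedelta(seconds=60)):
    """Map each source IP to the time it first reached `threshold`
    failed logins inside a sliding `window`."""
    recent = defaultdict(deque)   # source IP -> timestamps of recent failures
    alerts = {}
    for line in lines:
        try:
            ts, result, _user, src = parse(line)
        except ValueError:
            continue              # ignore blank or malformed lines
        if result != "AUTH_FAIL":
            continue
        failures = recent[src]
        failures.append(ts)
        while ts - failures[0] > window:   # drop failures older than the window
            failures.popleft()
        if len(failures) >= threshold and src not in alerts:
            alerts[src] = ts
    return alerts

if __name__ == "__main__":
    for ip, when in detect_bruteforce(SAMPLE_LOG.splitlines()).items():
        print(f"possible brute force from {ip} at {when.isoformat()}")
```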
- Database and application firewall
A firewall is the first level of protection against unauthorized access attempts, and it must be installed to protect both the site and the database.
Three types of firewalls are commonly used:
- Packet filter firewall
- Stateful packet inspection (SPI)
- Proxy server firewall
- Data Encryption Protocols
Data encryption is necessary to preserve trade secrets, and also when moving and storing confidential user information. Data encryption significantly reduces the possibility of a successful data breach. Even if a cybercriminal gets hold of the data, the information remains secure.
- Create backups
To reduce the risk of losing sensitive information due to malicious attacks or data corruption, back up the database regularly. The copy must be encrypted and stored on a separate server. This approach makes it possible to recover data if the primary database server is compromised or unavailable.
- Application update
Research has shown that 9 out of 10 applications contain outdated software components. According to an analysis of WordPress plugins, 17383 plugins have not been updated for 2 years, 13655 for 3 years, and 3990 for 7 years. Together, this poses a serious security risk. To manage databases, use reliable software, keep it up to date and install new patches. This also applies to widgets, plugins, third-party applications, etc.
- User authentication
According to studies, compromised passwords are responsible for 80% of data breaches. This shows that passwords by themselves are not a strong security measure (primarily due to the human factor in creating a password). To solve this problem, it is worth adding another security layer by setting up a multi-factor authentication process. Recent trends make this method less than ideal, but it will still be difficult for cybercriminals to bypass the security protocol. Also, to reduce the risk of hacking, access to the database should be limited to verified IP addresses. An IP address can be spoofed, but doing so requires additional effort from the cybercriminal.
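The two controls from this section, a second factor and an IP allowlist, can be combined into a single access check in front of the database. This is an added example, not code from the original article; the choice of TOTP (RFC 6238) as the second factor, the function names and the allowlisted networks are assumptions.

```python
import hashlib
import hmac
import ipaddress
import struct
import time

# Constructed allowlist (documentation address ranges); replace with verified addresses.
ALLOWED_NETS = [ipaddress.ip_network(n) for n in ("192.0.2.0/28", "198.51.100.25/32")]

def totp(secret: bytes, at: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 time-based one-time password (HMAC-SHA1 variant)."""
    counter = struct.pack(">Q", max(0, int(at)) // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation, RFC 4226
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def ip_allowed(addr: str) -> bool:
    """True only if addr parses and falls inside an allowlisted network."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in ALLOWED_NETS)

def authorize(addr, password_ok, submitted_code, secret, now=None, drift=1):
    """Grant access only when source IP, password and one-time code all pass.
    `drift` tolerates clock skew of that many 30-second steps either way."""
    now = time.time() if now is None else now
    if not ip_allowed(addr) or not password_ok:
        return False
    submitted = str(submitted_code).encode()
    return any(
        hmac.compare_digest(totp(secret, now + i * 30).encode(), submitted)
        for i in range(-drift, drift + 1)
    )

if __name__ == "__main__":
    secret = b"12345678901234567890"             # RFC 6238 test secret, not for real use
    print(authorize("192.0.2.5", True, totp(secret, time.time()), secret))
```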