Databases are essential for storing, accessing, manipulating and organizing data. Databases may contain unimportant information, but more and more highly sensitive data is maintained. Names, addresses, phone numbers, credit card numbers, Social Security numbers and more are stored in databases and many times this data is accessible through some type of web interface. As the amount and type of data stored online continues to expand, attackers have become increasingly more focused on gaining illicit access to these systems. As a result, keeping data secure in a database is a primary concern for developers moving into the future. The primary areas of security concern include physical, software, access and redundancy. These must all be taken into consideration in order to ensure the security of the database and the data therein.
Physical security is the first line of defense against any intrusion. However, this aspect is frequently overlooked. Every step to gain physical access should be considered, especially who, including employees, might be able to obtain access to the system. Multiple layers of security should be put in place to ensure people are only in the areas in which they are allowed. To secure the building itself security staff can be hired, cameras installed and require an identification badge to enter the front doors. The data warehouse itself could have an additional layer of identification to gain entry, and the physical hardware should be locked in cages or otherwise secured to prevent theft or damage. For extremely sensitive data 24-hour video monitoring can be added inside the data center and proximity, motion, vibration, sound or even temperature sensors can be installed to minimize risk of any physical theft or harm.
Security for the software is not as simplistic, plus it is inherently tied to access. If one were to take a computer with a fresh install of Windows XP, no service packs, and connect it to the internet the machine would be attacked, infected and completely insecure within seconds. Any server made accessible from the internet is vulnerable to attackers; the more substantial the data, the higher the risk of attack. Data should be placed on its own server, separate from the web server and inaccessible from the internet. Otherwise, if an attacker gained access to the web server they would immediately have access to the database as well (Cobb, 2005). A firewall between the web server and data server would provide an additional layer of protection. Data within the database should be hashed and encrypted, never stored in plain text, and proprietary cryptography should never be used as it is prone to errors while open source crypto is tested and proven. The data server should never allow anonymous connections and only respond to the known IP of the web server (Cobb, 2005). File access and modification needs to be locked down; user authentication can help block attacks, but is also effective in ensuring users do not modify data they should not (Davis, 2010).
When the data is accessible from the web additional security considerations must be made. One of the biggest risks to a database from the web is an SQL injection attack, wherein an SQL command is used in place of normally entered data allowing an unauthorized user to gain higher level access to the database. By not running a query directly against the table and instead use a stored procedure, also known as SPROC. Not only does using SPROCs make it easier to modify how data handling is processed and provide better performance, but a SPROC will incur a syntax error and halt execution if an SQL statement is inserted (McLaws, 2003). There are also certain things that can help stop an attacker who does gain access. Windows Access Control Lists (ACLs) can be used to restrict what operations users can perform and the system resources they have access to. Even more data protection can be gained by combining ACLs with permissions and table access control; if a table should only be read, make it read-only (Cobb, 2005). Make it as difficult as possible for any attacker that may gain access by using different, long, random passwords for server, system and software access (McLaws, 2003). This is only a brief overview as there are many other ways to help protect the software and access side of data in a database.
Finally, redundancy is of the utmost importance for any data storage. Just like physical security, data loss is rarely thought of as a security risk; and just like physical theft or destruction, loss of data has a substantial impact on business. To recover from a failure as soon as possible redundant backups, including at least one off-site backup, and hardware are a must. Local, mirrored redundant servers make it quick and easy to switch to a live backup if any substantial failure were to occur. Hardware redundancy allows the system to get back up and running in the event of any hardware failure. Redundancy allows a system to recover from failures quickly and efficiently; without it data could be lost or compromised.
With so much data being stored and transmitted electronically, security of this data is of the utmost importance. Stories of large sites with many users being hacked are becoming more and more frequent, user data stolen and released to the wild. More often than not, the attack could have been avoided if best security practices had been employed. Database developers and admins must take security seriously and incorporate secure practices from the start to ensure the security of the data.