How important is securing the database in the context of digital businesses of today?
Malware nowadays is getting more sophisticated and can easily bypass traditional anti-virus detection engines. Most AV vendors have realized this and adopted better detection and prevention techniques, such as the use of Machine Learning, Artificial Intelligence and in some cases Deep Learning. Malware has different form factors: ones that target endpoints (desktops, laptops and servers), and malware that injects itself into application code, such as malicious JavaScript on a website that is mining crypto-currencies. In short, you need a defense-in-depth approach to malware that goes beyond just endpoints.
This is trivial and one needs to adopt a human-centric security approach by adopting a security-based culture within the organization, from the gamification of security awareness, to regular team-building exercises that promote cyber security, to running phishing simulations and human-based cyber range exercises. Humans, as they say, are the weakest link, so it is always advisable to run these simulations and ensure you cover yourselves. This involves not only your internal employees but your 3rd parties too. Try social engineering with your 3rd parties and see the results – you will be surprised.
How important is securing the database in the context of digital businesses of today?
Databases are the brain behind any digital infrastructure – whether they are traditional databases or distributed data lakes (big data) – they store data of a structured or unstructured nature, and therefore one needs to exercise the full gamut of data security and data governance. This starts with classification and labeling of data, then ensuring data activity monitoring is performed and ensuring encryption at rest and in transit, whilst adopting advanced techniques such as data masking and tokenization. Securing databases is an art, not a science; security professionals often have a limited understanding of databases, as these are not systems they operate every day. Take the example of database security when spinning a database up as a microservice, or if your organization is adopting big data – how security needs to be applied in such instances, and how the whole set of security controls changes. The bottom line is: understand your database landscape, understand data flows and identify the relevant security controls around your databases and within your database. Last but not least – your DBAs should also be monitored to ensure internal fraud or misuse does not occur.
This is a domain that has been practiced since I can remember; nothing new in this, there are well-established tools for vulnerability management. What is typically missing in organizations is a solid program and process around vulnerability management that starts by having a well-structured asset CMDB, which allows you to pinpoint your asset classes and perform vulnerability assessment on a scheduled basis. For example, how many databases in your organization have been classified as critical, and are they tagged to perform vulnerability assessment on a more frequent basis than other databases? In some security domains – getting a process right overrules the technology behind it, and vulnerability management along with patch management is one of them. Beyond that, vulnerability management tools always capture vulnerabilities (I mean, that is what they are there to do), but they don’t catch everything – exercise a hybrid approach of vulnerability assessment and penetration testing. But before all that, do the basics and ensure hardening is done first. There is no point in building a nice building without a solid foundation – the same goes for any IT infrastructure.