Database Security, Essay Example

In this technology-driven world, threats and vulnerabilities are paramount, as risk environment continues to change. Every day a new threat becomes desperate to find vulnerability to exploit or compromise a system or network. In order to prevent security vulnerabilities associated with SQL injection attacks, the first factor is not to trust anyone and all the data that needs to be processed must be validated first. Secondly, the use of Dynamic SQL is not a good idea, as parameter based queries and stored procedures must be avoided where applicable. Moreover, patch management is a critical process that must be incorporated efficiently to remove security weaknesses from database that can be exploited by cyber criminals via SQL injection. Furthermore, Firewall that focuses on web applications must also be incorporated within the network. Likewise, firewall rules must be save enough to mitigate or protect some percentage of newly available threats before the security patch is developed and available from the vendor. In addition, reducing exposure of the network to the hacker can be done by hardening the server. This involves disabling unwanted services, privileged access, ports and other associated functionality. One critical factor is associated with minimizing administrator level privileges and grants it where there is no other choice.

Applications that are using XML are not vulnerable to Xpath injection attacks. Likewise, the augmentation in newly available platforms such as Ajax, FLEX, XML services etc. needs to be evaluated by the programmers for minimizing security loop holes and vulnerabilities in these platforms. One best mitigation methodology is to follow best security practices that will mitigate this threat to a certain extent.

As mentioned earlier, database hardening is essential to configure the database for preventing attack and minimizing vulnerabilities. However, for hardening the database, following steps must be addressed:

• The first step is to complete the hardening checklist of the server. This process is executed on the updated supported version of the operating system.
• The latest generation of the database must be utilized.
• Patch management by installing the updated security patches from the vendor for the database.
• Disabling and removing default usernames and passwords.
• Reviewing and manually deleting stored procedures those are not in use. However, there are cases where the required stored procedure cannot be removed.
• Isolating databases within their associated servers is also a necessary step in this process. Moreover, database containing sensitive and personal information should be safeguarded by the firewall, World Wide Web and limiting administrative access to the database.
• Moreover, access of application to the database must also be limited to administrative access and read only access writes must be granted where applicable.
• Validating audit features on operating system from a domain controller to check whether the violation logs are working or not.
• Naming the database server with long and difficult names and passwords
• Security protocols such as IP security (IPsec) and Secure Socket Layer (SSL) must be incorporated to secure access mechanisms to and from the database.
• For each database administrator, secondary administrative users must be created instead of providing multiple users for accessing the database by administrative accounts.