8. Database Security

INFORMATION SECURITY BSCS 8TH

What is database security?


Database security is the collective set of measures used to protect a database and its
database management software from unauthorized use and from malicious cyber threats and attacks.
It is one layer of information security, concerned with the physical protection of the
information, encryption of data in storage and in transit, and data remanence (data that
survives on storage media after it has supposedly been deleted).
Database security procedures protect not only the data inside the database but also the
database management system and the applications that access it from intrusion, misuse of
information, and damage.
Database security must address and protect the following:
• The data in the database
• The database management system (DBMS)
• Any associated applications
• The physical database server and/or the virtual database server and the underlying
hardware
• The computing and/or network infrastructure used to access the database

Why is Database Security Important?


A data breach is any incident in which data held in a database is accessed, copied, disclosed,
altered or destroyed by someone who is not authorized to do so. How much damage such an
incident causes a business depends on several factors.
• Compromised intellectual property: trade secrets, inventions or proprietary methods may
be vital to keeping an advantage in the industry. Once they have been stolen or disclosed,
the lost competitive advantage can be difficult to keep or recover.
• Damage to brand reputation: customers and partners may be unwilling to buy goods or
services from, or deal with, a company they do not trust to protect their data.
• Loss of business continuity: some businesses cannot operate at all until a breach has
been contained and resolved.
• Penalties or fines for non-compliance: failing to comply with regulations such as the
Sarbanes-Oxley Act (SOX), the Payment Card Industry Data Security Standard (PCI DSS),
industry-specific privacy rules such as HIPAA, or regional privacy laws such as the European
Union's General Data Protection Regulation (GDPR) can be a major problem, with fines in the
worst cases running to many millions of dollars per violation.
• Costs of repairing the breach and notifying consumers: besides notifying affected
customers, the breached company has to pay for the forensic investigation, crisis management,
triage and repair of the affected systems, and much more.

NAQIB ULLAH KHAN | Lecturer Computer Science GPGC Bannu

Common Threats and Challenges


Many incorrect software configurations, unpatched vulnerabilities, and patterns of carelessness
or abuse can lead to a security breach. The most prevalent causes of attacks on databases are
the following.
1. Insider Threats
An insider threat is a security threat from any of three kinds of people who hold privileged
access to the database:
o A malicious insider who intends to cause harm.
o A negligent insider whose mistakes expose the database to attack.
o An infiltrator: an outsider who obtains an insider's credentials, for example by phishing
or by getting at the credential store, which may itself be a table in the database.
2. Human Error
Accidents, weak or shared passwords, and other negligent or uninformed behaviour by users
remain the root cause of almost half (49 percent) of all data security breaches.
3. Exploitation of Database Software Vulnerabilities
Attackers make their living by finding and exploiting vulnerabilities in software, including
database management software. The major database vendors and open-source database projects
release regular security patches for these weaknesses, but an organisation that fails to apply
the patches promptly stays exposed to attacks the patch has already closed.
4. SQL/NoSQL Injection Attacks
A database-specific threat is the insertion of attacker-controlled SQL (or, for non-relational
stores, NoSQL query fragments) into database queries that web applications build from user
input such as form fields and HTTP headers. When the input is concatenated into the query text,
whatever the attacker typed is executed as part of the query.


5. Buffer Overflow Exploits
A buffer overflow happens when a program copies more data into a fixed-length block of memory
than the block can hold. The excess data overwrites adjacent memory; an attacker who controls
that data can corrupt the program's state and use it as the foothold from which further attacks
on the database software begin.
6. Denial of Service (DoS/DDoS) Attacks
In a denial-of-service attack the attacker floods the target, here the database server, with
so many requests that it can no longer serve legitimate requests from real users. In many
cases the server becomes unstable or stops functioning altogether. In a distributed
denial-of-service (DDoS) attack the flood comes from many machines at once, which makes it
harder to block at the source.
7. Malware
Malware is software written to exploit vulnerabilities in, or otherwise harm, the database.
It can arrive through any device that connects to the network on which the database lives.
8. Attacks on Backups
Organisations that do not protect backup copies with controls as rigorous as those on the
database itself leave attackers an easier target that holds the same data.
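The SQL injection attack from item 4 above, as an added example that is not part of the original handout: a login check built by string formatting against a constructed in-memory SQLite table, bypassed with two classic payloads, beside the parameterised query that treats the same input as data. The table, the accounts and the payloads are constructed for this illustration, and passwords are stored in clear text here only so the injection is easy to follow; a real system stores salted password hashes.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: an in-memory users table with two accounts.
    Clear-text passwords are used only so the injection is easy to follow;
    a real system stores salted password hashes."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "correct horse"), ("admin", "s3cret")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Vulnerable: user input is formatted straight into the SQL text, so a
    quote in the input ends the string literal and the rest becomes SQL."""
    sql = (
        "SELECT username FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    return conn.execute(sql).fetchone() is not None


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Fixed: a parameterised query. The driver hands the values to SQLite
    separately from the statement text, so quotes and keywords in them stay data."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row is not None


# Constructed attack inputs. The first closes the username literal and turns the
# password check into a comment; the second is a tautology that makes the WHERE
# clause true for every row (AND binds tighter than OR, so the final OR wins).
PAYLOADS = [
    ("admin'--", "anything"),
    ("' OR '1'='1", "' OR '1'='1"),
]


def compare(username: str, password: str) -> dict:
    """Run the same credentials through both versions and report the outcome."""
    conn = make_db()
    return {
        "vulnerable_accepts": login_vulnerable(conn, username, password),
        "safe_accepts": login_safe(conn, username, password),
    }


if __name__ == "__main__":
    print("valid user:", compare("alice", "correct horse"))
    for user, pw in PAYLOADS:
        print(repr(user), "->", compare(user, pw))
```

Both versions accept the genuine credentials; only the concatenated version accepts the payloads, because in the parameterised query the quote characters never reach the SQL parser. The same rule applies to input taken from HTTP headers, cookies or NoSQL query documents: never splice untrusted text into the query structure.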

Database Security Solutions


Because databases are nearly always network-accessible, any security threat to any component
within or portion of the network infrastructure is also a threat to the database, and any attack
impacting a user’s device or workstation can threaten the database. Thus, database security must
extend far beyond the confines of the database alone. Best practices for database security are:
Physical security
Whether your database server is on-premises or in a cloud data center, it must be located within
a secure, climate-controlled environment. (If your database server is in a cloud data center,
your cloud provider takes care of this part for you.)
Administrative and network access controls
Only the practical minimum number of users should have access to the database, and their
permissions should be restricted to the minimum needed to do their jobs (least privilege).
Likewise, network access should be limited to the minimum necessary, for example allowing
connections only from the application servers that need them.
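One way to enforce the least-privilege rule above at the connection level, as an added example in Python that is not code from the handout: a per-role policy applied through SQLite's authorizer hook, so an analyst role can read customer rows but never the ssn or card-number columns and cannot write, while a billing role can read and update its own tables but cannot change the schema. The role names, tables and rows are constructed for the illustration; a server DBMS expresses the same policy with GRANT/REVOKE and views, whereas here the hook is consulted for every statement prepared on the connection.

```python
import sqlite3

# Per-role policy, constructed for this example: which tables a role may touch,
# which columns it must never see, and whether it may write at all.
ROLE_POLICY = {
    # read-only reporting; must never see identity or card numbers
    "analyst": {"tables": {"customers"},
                "hidden_columns": {"ssn", "card_number"},
                "allow_write": False},
    # the billing service reads and updates its own tables, nothing more
    "billing_app": {"tables": {"customers", "invoices"},
                    "hidden_columns": {"ssn"},
                    "allow_write": True},
}

WRITE_ACTIONS = {sqlite3.SQLITE_INSERT, sqlite3.SQLITE_UPDATE, sqlite3.SQLITE_DELETE}
SCHEMA_ACTIONS = {sqlite3.SQLITE_CREATE_TABLE, sqlite3.SQLITE_ALTER_TABLE,
                  sqlite3.SQLITE_DROP_TABLE, sqlite3.SQLITE_ATTACH}


def make_authorizer(role: str):
    """Build the callback SQLite consults for every operation while preparing a
    statement. DENY aborts the statement; IGNORE on a column read makes that
    column come back as NULL, which masks it without breaking the query."""
    policy = ROLE_POLICY[role]

    def authorize(action, table, column, dbname, source):
        if action == sqlite3.SQLITE_READ:
            if table not in policy["tables"]:
                return sqlite3.SQLITE_DENY
            if column in policy["hidden_columns"]:
                return sqlite3.SQLITE_IGNORE
            return sqlite3.SQLITE_OK
        if action in WRITE_ACTIONS:
            if policy["allow_write"] and table in policy["tables"]:
                return sqlite3.SQLITE_OK
            return sqlite3.SQLITE_DENY
        if action in SCHEMA_ACTIONS:
            return sqlite3.SQLITE_DENY        # schema changes belong to the DBA role
        return sqlite3.SQLITE_OK              # SELECT, TRANSACTION, FUNCTION, ...

    return authorize


def open_as(role: str) -> sqlite3.Connection:
    """Constructed data set, created with full rights; the connection is then
    locked down to the role's policy before the application gets it."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, ssn TEXT, card_number TEXT);
        CREATE TABLE invoices (id INTEGER PRIMARY KEY, customer_id INTEGER, amount REAL, paid INTEGER);
        INSERT INTO customers VALUES (1, 'Alice', '123-45-6789', '4111111111111111');
        INSERT INTO customers VALUES (2, 'Bob',   '987-65-4321', '5500000000000004');
        INSERT INTO invoices  VALUES (1, 1, 42.0, 0);
    """)
    conn.set_authorizer(make_authorizer(role))
    return conn


def run_as(role: str, sql: str, params=()):
    """Execute one statement under the role's policy: rows on success, the
    refusal text when SQLite rejects the statement as 'not authorized'."""
    conn = open_as(role)
    try:
        return conn.execute(sql, params).fetchall()
    except sqlite3.DatabaseError as exc:
        return f"DENIED: {exc}"


if __name__ == "__main__":
    print(run_as("analyst", "SELECT name, ssn, card_number FROM customers"))
    print(run_as("analyst", "DELETE FROM customers"))
    print(run_as("billing_app", "UPDATE invoices SET paid = 1 WHERE id = 1"))
    print(run_as("billing_app", "DROP TABLE customers"))
```

The analyst sees NULL in place of the masked columns and is refused any write or any table outside its list; the billing role can update invoices but a DROP TABLE is refused before it runs. The policy lives in one place, so adding a role or tightening a column is a data change rather than a code change.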
End user account/device security
Always be aware of who is accessing the database, and when and how the data is being used.
Data activity monitoring solutions can alert you when data access is unusual or appears risky.
Every user device that connects to the network housing the database should be physically
secure (in the hands of the right user only) and subject to security controls at all times.
Encryption
All data, including the data in the database and credential data, should be protected with
strong encryption at rest and in transit. Stored passwords in particular should be kept as
salted hashes rather than as reversibly encrypted values, so that a copy of the table does not
yield the passwords themselves. Encryption keys should be handled in accordance with
best-practice key-management guidelines and kept separate from the data they protect.
Database software security
Always use the latest version of your database management software, and apply all patches as
soon as they are issued.
Application/web server security
Any application or web server that interacts with the database can be a channel for attack and
should be subject to ongoing security testing and best practice management.
Backup security
All backups, copies, or images of the database must be subject to the same (or equally stringent)
security controls as the database itself.
Auditing
Record all logins to the database server and to its operating system, and log every operation
performed on sensitive data as well, including who performed it and when. Audit the database
against a security standard at regular intervals, and review the logs rather than only collect them.
