5 tips for keeping your database secure


Of all East African countries, Kenya has the highest recorded monetary loss from cyber crime totaling $171 million last year. When it comes to database protection, there are steps and procedures that can be taken internally to minimize the risk of cyber crime. Over and above strong passwords, backing up data and using security applications, there are a number of additional precautions that can be taken.

Here are 5 key tips for keeping databases secure:

  1. Control access to the database

Give access only to those who really need it and then limit their permissions and privileges.

The more you limit permissions and privileges, the better.

In addition to basic system permissions, you should also consider:

  • Limiting access to sensitive data for both users and procedures—in other words, only authorizing certain users and procedures to make queries relating to sensitive information.
  • Limiting the use of key procedures to specific users only.
  • Whenever possible, avoid simultaneous use and access outside normal or office hours.

It is also recommended to disable all services and procedures that are not in use, in order to prevent them from being attacked. In addition, whenever possible, the database should be located on a server that is not directly accessible from the internet, to avoid information being exposed to remote attackers.

  2. Identify sensitive and critical data

The first step, before considering protection techniques and tools, is to analyze and identify what important information must be protected. To do so, it is important to understand the logic and architecture of the database, to make it easier to determine where and how sensitive data will be stored.

Not all of the data we store is critical or needs protection, so it makes no sense to spend time and resources on this type of information.

We also recommend keeping an inventory of the company databases, being sure to take all departments into account. The only way to administer them effectively and avoid losing information is to know about all of the company’s instances and databases and keep a record of them.

What’s more, an inventory is particularly useful when doing an information backup, to avoid leaving critical data out of the scheme.

  3. Encrypt information

Once the sensitive and confidential data have been identified, it is good practice to use robust algorithms to encrypt that data.

When an attacker exploits a vulnerability and gains access to a server or system, the first thing they will try to steal is the databases. These are a valuable treasure, as they usually contain many gigabytes of valuable information; the best way to protect a database is to make it illegible to any person who accesses it without authorization.

  4. Anonymize non-production databases

Many companies invest time and resources in protecting their production databases, but when developing a project or creating a test environment, they simply make a copy of the original database and start to use it in environments that are much less tightly controlled, thus exposing all the sensitive information.

Masking, or anonymization, is a process through which a similar version is created, maintaining the same structure as the original but modifying the sensitive data so that it remains protected. With this technique, values are changed while maintaining the format.

The data can be changed in different ways: mixing it together, encrypting it, mixing up the characters or substituting words. The specific method used and the rules and formats that need to be respected will be up to the administrator, but whatever method is used, it must ensure that the process is irreversible; that is, no amount of reverse engineering will enable anyone to obtain the original data again.

This technique is especially used – and recommended – for databases that are part of a testing and development environment, because it allows you to preserve the logical structure of the data while ensuring that sensitive client information is not available outside the production environment.
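The masking step described above, as an added example (not code from the original article): it overwrites sensitive columns in a test copy with values of the same format, using a keyed hash whose key is generated per run and thrown away. The `customers` table, its columns and the sample rows are constructed for illustration, and SQLite stands in for whatever engine holds the copy.

```python
import hashlib
import secrets
import sqlite3
import string


def mask_value(value: str, key: bytes) -> str:
    """Swap each letter or digit for a keyed pseudo-random one of the same
    class; length and separators are kept, so the format survives."""
    stream = hashlib.shake_256(key + value.encode()).digest(len(value))
    out = []
    for ch, b in zip(value, stream):
        if ch in string.digits:
            out.append(string.digits[b % 10])
        elif ch in string.ascii_lowercase:
            out.append(string.ascii_lowercase[b % 26])
        elif ch in string.ascii_uppercase:
            out.append(string.ascii_uppercase[b % 26])
        else:
            out.append(ch)  # '+', '-', '@', spaces and so on stay in place
    return "".join(out)


def mask_table(conn, table, columns, key):
    """Overwrite the named columns in place. Table and column names come
    from the administrator's masking rules, never from user input."""
    for col in columns:
        rows = conn.execute(f"SELECT rowid, {col} FROM {table}").fetchall()
        conn.executemany(
            f"UPDATE {table} SET {col} = ? WHERE rowid = ?",
            [(mask_value(v, key), rid) for rid, v in rows if v is not None],
        )
    conn.commit()


def demo():
    conn = sqlite3.connect(":memory:")  # stands in for the test copy
    conn.execute("CREATE TABLE customers (id INTEGER, name TEXT, phone TEXT)")
    conn.executemany("INSERT INTO customers VALUES (?, ?, ?)", [
        (1, "Jane Doe", "+254-700-000001"),  # constructed sample rows
        (2, "John Roe", "+254-700-000002"),
        (3, "Jane Doe", "+254-700-000001"),
    ])
    # The key exists only for this run. If it were kept, short values such
    # as phone numbers could be recovered by trying every candidate.
    key = secrets.token_bytes(32)
    mask_table(conn, "customers", ["name", "phone"], key)
    return conn.execute("SELECT * FROM customers ORDER BY id").fetchall()


if __name__ == "__main__":
    print(demo())
```

Equal inputs map to equal outputs within one run, so joins and duplicate checks in the test environment still behave as they do in production.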

  5. Monitor your database activity

Auditing and recording actions and data movement means that you know what information has been handled, when, how and by whom. Having a complete history of transactions allows you to understand data access and modification patterns and thus avoid information leaks, control fraudulent changes and detect suspicious activity in real time.
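One way to put such an audit trail to work, as an added example (not part of the original article): a review pass that flags access to sensitive tables by users who are not authorized for them, or outside office hours, as tip 1 recommends restricting. The log format, the office-hours window, the table names and the user lists are all assumptions made for this sketch.

```python
from datetime import datetime, time

OFFICE_START, OFFICE_END = time(8, 0), time(18, 0)  # assumed working window
AUTHORIZED = {  # assumed policy: sensitive table -> users allowed to touch it
    "customers": {"app_svc", "alice"},
    "payments": {"app_svc"},
}

# Constructed audit records in an assumed format: timestamp|user|action|table
SAMPLE_LOG = """\
2019-02-04T10:15:02|alice|SELECT|customers
2019-02-04T23:41:10|alice|SELECT|customers
2019-02-05T11:02:45|bob|UPDATE|payments
2019-02-05T11:05:00|bob|SELECT|products
2019-02-09T14:00:00|app_svc|SELECT|payments
"""


def review(log_text):
    """Return (timestamp, user, table, reasons) for each suspicious record."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        parts = line.strip().split("|")
        try:
            ts, user, _action, table = parts
            when = datetime.fromisoformat(ts)
        except ValueError:
            # A record that cannot be parsed is itself worth a look.
            findings.append((None, None, None, ["malformed record: " + line]))
            continue
        if table not in AUTHORIZED:
            continue  # table is not classified as sensitive
        reasons = []
        if user not in AUTHORIZED[table]:
            reasons.append("user not authorized for table")
        weekend = when.weekday() >= 5
        if weekend or not (OFFICE_START <= when.time() < OFFICE_END):
            reasons.append("outside office hours")
        if reasons:
            findings.append((ts, user, table, reasons))
    return findings


if __name__ == "__main__":
    for finding in review(SAMPLE_LOG):
        print(finding)
```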

Remember to follow these tips and be very careful when managing and protecting your databases. The information they hold is very valuable to the company and a very attractive prize for attackers, so it definitely deserves your full attention.


Interview: Addressing the Six Biggest Cybersecurity Challenges for Enterprise

Ken Kimani, Channel Manager of ESET East Africa, introduces the 6 biggest cybersecurity challenges for enterprises

Enterprises are under constant attack from cybersecurity threats resulting in the loss of millions in revenue annually. Factors such as ransomware, targeted attacks, insufficient network visibility, various operating systems in an organization, bad security behaviour among office staff, lack of skilled cybersecurity workforce and the level of tolerance among staff are the major causes of cyber-attacks in the country.

To mitigate these issues, ESET East Africa offers free training, suitable for all skill levels to help educate enterprises on the importance of cybersecurity.

Subscribe to our newsletter to find out more about this training, our enterprise offering and to follow our series on the 6 Biggest Cybersecurity Challenges for Enterprises.

 

Safer Internet Day 2019

Working together with your children for a better online experience

Beginning in 2004, Safer Internet Day has grown to become one of the landmark events in the online safety calendar. And this year’s theme, ‘Together for a better internet’, encapsulates a lot of the discussion we are seeing around online safety and cybersecurity. The topic is too complex a minefield for any of us to bear sole responsibility and, like all good things in life, we need to work together to bring about the best possible future.

What does it mean to work together where online safety is concerned? It could be an IT security company working closely with a consultation of parents to develop products, or parents and teachers working to ensure the online education of our young people. But what about children themselves? We put a lot of onus on finding the right solutions and products to protect our kids online, but one day those kids will grow up and live without online parental control. We should think about the best way to prepare them; ‘together for a better internet’ should mean working with our children to educate, inform and protect them, so they can stand the best possible chance of making the right decisions for themselves.

That’s not to say that software doesn’t play a crucial role, and ESET would encourage all parents to take care over choosing the right parental control software on the family computer. When you are doing this though, we advise you do it together with your kids. Talk them through the programmes you’re installing and select your privacy settings together, discussing why you are doing it and the kinds of threats you’re protecting the family against. As part of this conversation you can talk to your children about what they’re doing online, who they’re talking to and what kinds of things they need to be careful about in their day-to-day online activity. Many kids see control settings on the internet as a block to them having fun; what they need is someone to explain their function and reasoning. By having this discussion, you’re giving your kids an element of control and responsibility over their online activities which, when paired with the rules and software we all need to protect ourselves, should produce better results when it comes to their internet education.

The internet is such an integral part of our lives that the earlier you start talking to kids, involving them and teaching them about their online worlds, the better the results. Creating an open dialogue will always be more effective than just putting your foot down.

Set an example; whatever you expect your kids to do, make sure you are also doing. The online world represents dangers for all of us and we can all benefit from a few more precautions. If you’re asking your kids to cover their webcam when they’re not using it, then make sure you also do it. If you’re restricting their screen time, then think about setting yourself some boundaries as well. With the damaging effects of too many screens on our health and wellbeing, it’s unlikely to have any negative repercussions.

ESET’s software, such as its ESET Parental Control, places a large emphasis on parents and children working together. It helps them to navigate online, manage what apps and websites they use, and decide – together – what’s good for them. One of the key features is age-based filters, which help to manage which apps children can and cannot access, allowing parents to consider the right restrictions for their children and to not just impose a blanket ban. Other features include setting time limits on when children can play on their devices and creating exceptions that kids can request. Parents can even send their children messages which they must acknowledge before they can continue to use their devices.

It’s elements such as these that allow children to be involved in the monitoring of their safety, and truly help parents to work together with their kids for a better internet and the best possible online world.