Mind the Gap – Data Security and Teenage Driversby Robert Buda | Feb 7, 2018 | Best Practices , Database Security
Last modified on February 12th, 2018 at 3:59 pmReading Time: 3 minutes
New Security Assessment Tool — Why it matters?
Oracle just released a database security assessment tool (DBSAT) that identifies security vulnerabilities in Oracle Databases. I will be writing about that tool in a coming article but the release got me thinking about how little many companies do to protect their data. Since this was prompted by the Oracle Release, this post will be Oracle tinted, but the concepts hold true for all database management vendors. And what does this all have to do with teenage drivers? Stick with me, I will tie it all together, I promise.
You Have Gaps
Yes, that’s right, there are gaps in your database security. You may think there aren’t. You may kind of know there are but you know that you can’t really make it totally secure, so you rely on your network security layer, close one eye, and tell yourself that you are secure. But you are not. Not really.
Like Kids and Cars
The truth is you can never be totally secure. There will always be a hole somewhere. But the best play is to minimize the risk wherever you can. Like when you help your kids buy their first car. You know that putting a 17 year old behind the wheel is dangerous. You know that locking them in their room is much safer then letting them behind the wheel. But you must let them drive. So you do everything possible to protect them.
Reducing the Risks
You help them buy the biggest, safest car that you can afford. You give them the best driving lessons that you can find. You teach them for hours and hours how to anticipate and avoid others on the road that are looking at their phones instead of the road. You insist on a standard shift car so they can’t text and drive. And then you hope for the best. But you did everything in your power to mitigate the risk before hoping for the best.
The same must be true for your data. Your data will never be 100% safe. Anyone who tells you that you are is either lying or fooling themselves. But there are steps that you can take today to dramatically lower your risk, and you are probably not taking them.
You secure the network layer. You enforce strong passwords. You encrypt data in transit throughout the network. That is all great. But if that is all you do then it is like buying your kid a big old pickup truck with a strong body but no airbags or seatbelts. You are strengthening the outside, but you are neglecting the inside, where the kids are. (OK I know its an imperfect analogy but work with me!)
To really mitigate the risk to your precious data, you must secure your data from the inside, not just the outside. Your database software provides the capability to add significant layers of security. You have basic features available such as data encryption, role based security, and strong internal password policies. And you have advanced security features such as Virtual Private Database, Label Security, and Transparent Sensitive Data Protection.
In most organizations, these security features are either unused, underused, or misused. It is an opportunity to significantly reduce data risk that is being widely missed. If you are serious about protecting your data assets, you can approximate total data security by properly implementing the appropriate combination of these strong database security features in addition to the network security that you already practice. The cost of implementing stronger security may be tiny compared to the cost of damage to your business that can be done by a breach.
Take the next step to secure your data
If you are serious about protecting your database assets, give us a call and we can help you protect your data using the tools that are available from your database vendor.
And good luck with the kids!