I recently appeared on an episode of The Virtual CISO Podcast hosted by my friend John Verry titled “Confronting the Wild West of Database Security.” In our conversation, I emphasized that despite the criticality of the data involved, many companies fail to appreciate the cybersecurity risks associated with their databases. They simply don’t realize how big their database attack surface really is.
Here are 5 significant threats to your databases that we often find our clients are unaware of.
One: Inconsistent user account management
A great many of the database vulnerabilities we see relate to sloppy, inconsistent, or ad hoc management of user accounts and login profiles. Over-privileged users, obsolete accounts belonging to people who have left, and default or vendor-supplied passwords still in use very often slide under the radar, largely because nobody reviews the account inventory on a schedule. This potentially leaves the door open for unwelcome guests to pay a visit to your database.
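The following is an added example, not code from the original post or from Buda Consulting: a small audit that applies the checks above (default account names, empty passwords, wildcard hosts, superuser or file privileges, stale or never-used accounts, old passwords) to an account inventory. The inventory rows are shaped like the columns a DBA would pull from MySQL's mysql.user table (lower-cased here), joined with a last-login timestamp from a separate login audit source; the query, the 90-day and one-year thresholds, the default-name list, and the sample rows are all assumptions for illustration.

```python
"""Flag risky database accounts from an account inventory (added example).

Rows are shaped like MySQL's mysql.user columns (lower-cased) plus a
last_login timestamp assumed to come from a login audit source. The query,
thresholds and sample rows below are assumptions, not data from a real system.
"""
from datetime import datetime, timedelta, timezone

# Inventory query a DBA might run on MySQL 8; last_login is assumed to be
# joined in afterwards from a separate audit log.
ACCOUNT_QUERY = """
SELECT User, Host, authentication_string, account_locked,
       Super_priv, File_priv, password_last_changed
FROM mysql.user;
"""

DEFAULT_ACCOUNTS = {"root", "admin", "test", "guest", "sa", "scott", "dbsnmp"}
STALE_AFTER = timedelta(days=90)
PASSWORD_MAX_AGE = timedelta(days=365)
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)   # fixed "now" so results are reproducible


def audit_account(row: dict, now: datetime) -> list:
    """Return finding codes for one account; an empty list means clean."""
    if row["account_locked"] == "Y":
        return []                                  # locked accounts cannot be used
    findings = []
    if row["user"].lower() in DEFAULT_ACCOUNTS:
        findings.append("DEFAULT_ACCOUNT_NAME")
    if not row["authentication_string"]:
        findings.append("EMPTY_PASSWORD")
    if row["host"] == "%":
        findings.append("LOGIN_FROM_ANY_HOST")
    if row["super_priv"] == "Y" or row["file_priv"] == "Y":
        findings.append("PRIVILEGED")              # review whether this account needs it
    last_login = row["last_login"]
    if last_login is None or now - last_login > STALE_AFTER:
        findings.append("STALE_OR_NEVER_USED")
    if now - row["password_last_changed"] > PASSWORD_MAX_AGE:
        findings.append("PASSWORD_OLDER_THAN_1Y")
    return findings


def audit_accounts(rows: list, now: datetime) -> dict:
    """Map 'user@host' to its findings, omitting clean accounts."""
    report = {}
    for row in rows:
        findings = audit_account(row, now)
        if findings:
            report[f"{row['user']}@{row['host']}"] = findings
    return report


def _utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)


# Constructed sample inventory (not from any real system).
SAMPLE_ROWS = [
    {"user": "root", "host": "%", "authentication_string": "$A$005$x",
     "account_locked": "N", "super_priv": "Y", "file_priv": "Y",
     "password_last_changed": _utc(2022, 1, 10), "last_login": _utc(2024, 5, 30)},
    {"user": "app_svc", "host": "10.0.0.%", "authentication_string": "$A$005$y",
     "account_locked": "N", "super_priv": "N", "file_priv": "N",
     "password_last_changed": _utc(2024, 1, 15), "last_login": _utc(2024, 5, 31)},
    {"user": "jsmith", "host": "localhost", "authentication_string": "$A$005$z",
     "account_locked": "N", "super_priv": "N", "file_priv": "N",
     "password_last_changed": _utc(2023, 10, 1), "last_login": _utc(2023, 11, 2)},
    {"user": "test", "host": "localhost", "authentication_string": "",
     "account_locked": "N", "super_priv": "N", "file_priv": "N",
     "password_last_changed": _utc(2019, 3, 3), "last_login": None},
    {"user": "old_dba", "host": "%", "authentication_string": "$A$005$w",
     "account_locked": "Y", "super_priv": "Y", "file_priv": "N",
     "password_last_changed": _utc(2020, 6, 6), "last_login": None},
]

if __name__ == "__main__":
    for account, findings in audit_accounts(SAMPLE_ROWS, NOW).items():
        print(f"{account}: {', '.join(findings)}")
```

Run against the sample, only root@%, jsmith@localhost and test@localhost are reported; app_svc is clean and the locked old_dba account is skipped. The point of a check like this is that it runs on a schedule, not once: an account that was clean at the last audit becomes stale 90 days after its owner leaves.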
Two: Non-masked data in QA and dev environments
It’s scary how often we see non-masked data used in dev/test scenarios. In many cases, the production environment is well secured, but the development and QA environments are much less well secured. Yet the same data is being used in both. There’s no reason for this given the plethora of tools available for masking or obfuscating data.
Besides making data exfiltration more likely, this is a potential compliance violation. Depending on your regulatory environment and the nature of the non-masked data (e.g., financial, medical, or other sensitive personal data), the mere fact that you’re retaining it outside the production environment, where it’s accessible to QA engineers and others who have no legitimate reason to see it, could be deemed a data breach.
Another danger is that code and data in dev/test environments frequently end up on developers’ local machines, which greatly increases the risk of data loss or a breach. On the podcast, John recalled an incident where a developer working for the City of New York dumped about 500,000 unmasked HR records onto his laptop, which he then left behind at a Korean restaurant. That ended up costing the city $23 million.
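The following is an added example, not code from the original post or from Buda Consulting, of the kind of masking the section says should be routine before data leaves production. It keys an HMAC on a secret that stays in production and uses it to derive replacement values, so the same real value always maps to the same masked value (joins across masked tables still work and the masked data keeps the shape the application expects), while the originals cannot be recovered without the key. The column rules, the key, and the two-row export are assumptions for illustration, not a real schema or real people.

```python
"""Deterministic, format-preserving masking for a CSV export (added example).

Under a given key the same real value always yields the same masked value,
so referential integrity survives; the key stays in production and is never
copied to dev/QA. Column rules and sample data are assumptions.
"""
import csv
import hashlib
import hmac
import io
import random


def _rng(key: bytes, field: str, value: str) -> random.Random:
    # HMAC(key, field:value) seeds a PRNG: deterministic per key, and the real
    # value cannot be recovered from the output without the key.
    digest = hmac.new(key, f"{field}:{value}".encode(), hashlib.sha256).digest()
    return random.Random(int.from_bytes(digest, "big"))


def _digits(rng: random.Random, n: int) -> str:
    return "".join(rng.choice("0123456789") for _ in range(n))


def mask_value(key: bytes, field: str, value: str) -> str:
    """Mask one cell according to its column; non-identifying columns pass through."""
    if value == "":
        return value
    rng = _rng(key, field, value)
    if field == "employee_id":
        return _digits(rng, len(value))             # same length: still a usable join key
    if field == "ssn":
        return f"{_digits(rng, 3)}-{_digits(rng, 2)}-{_digits(rng, 4)}"
    if field == "email":
        return f"user{_digits(rng, 8)}@example.com"  # valid address shape, reserved domain
    if field in ("first_name", "last_name"):
        return f"{field.split('_')[0].title()}{_digits(rng, 5)}"   # e.g. First40213
    return value                                    # salary, department, etc. are kept


def mask_rows(key: bytes, csv_text: str) -> list:
    """Parse a CSV export and return its rows with identifying columns masked."""
    reader = csv.DictReader(io.StringIO(csv_text))
    return [{f: mask_value(key, f, v) for f, v in row.items()} for row in reader]


def mask_csv(key: bytes, csv_text: str) -> str:
    """Same as mask_rows, but emits CSV text ready to load into dev/QA."""
    reader = csv.DictReader(io.StringIO(csv_text))
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=reader.fieldnames or [], lineterminator="\n")
    writer.writeheader()
    for row in reader:
        writer.writerow({f: mask_value(key, f, v) for f, v in row.items()})
    return out.getvalue()


# Constructed sample export; the people and numbers are made up.
SAMPLE_CSV = """employee_id,first_name,last_name,email,ssn,salary
100234,Ada,Lovelace,ada.lovelace@corp.example,123-45-6789,98000
100235,Alan,Turing,alan.turing@corp.example,987-65-4321,102500
"""

if __name__ == "__main__":
    print(mask_csv(b"replace-with-a-secret-that-stays-in-production", SAMPLE_CSV))
```

Two caveats a practitioner should keep in mind. Because the mapping is deterministic, this is pseudonymization rather than anonymization: someone who holds both the key and the masked data can rebuild the link, so the key belongs in production and should differ per non-production environment. And the pass-through of "non-identifying" columns is a judgment call; a salary column combined with a department column can re-identify people in a small team, so the column rules deserve a review by whoever owns the data.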
Three: Database sprawl
An extremely common but frequently disregarded threat to database security is database sprawl. The more databases you have, the more likely it is that some of them are unpatched, unmonitored, or misconfigured, and those unmitigated vulnerabilities are what lead to compromise.
And as bad as database sprawl is on-premises, it’s considerably worse in the cloud, where everything is virtualized. It’s just too easy to spin up databases and then forget about them. Organizations need an inventory, plus policies and processes for approving, tracking, and decommissioning databases, to reduce the risk (not to mention the wasted money) from database sprawl.
Four: Pipeline leakage
A little-known database security concern that we are seeing more and more frequently is what I call “pipeline leakage.” I’m not a DevOps expert, but in my view, this “pipeline leakage” creates a very significant risk in DevOps, CI/CD, and data engineering pipelines.
Here’s what happens: Data gets taken out of a very well-protected database. Then, teams create XML, CSV, or JSON files that hold some of the data and put it somewhere else. Now it’s in temporary files, holding areas, or spreadsheets scattered all over the place, outside the access controls, encryption, and audit logging that protected it in the database. Is the data still secure? Who knows? Teams need to be aware of this issue and clean up their processes to close this hole.
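One way to find out whether the data is still secure is to go looking for it. The following is an added example, not code from the original post or from Buda Consulting: a scanner that walks a directory of CSV, JSON, XML and text files (the staging areas and temp dumps described above) and counts values shaped like Social Security numbers, e-mail addresses, and payment card numbers, with card candidates filtered through the Luhn check to cut false positives. The patterns, the scanned file types, and the constructed sample files are assumptions for illustration; a real scan should be tuned to the identifiers your own data contains.

```python
"""Find sensitive data that has leaked into loose export files (added example).

Walks a directory tree and counts SSN-, e-mail- and card-number-shaped values
in CSV/JSON/XML/text files. Patterns, suffixes and sample files are
assumptions for illustration.
"""
import json
import os
import re
import tempfile

SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
EMAIL_RE = re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,16}\b")     # candidates only; Luhn filters them
SCAN_SUFFIXES = {".csv", ".json", ".xml", ".txt", ".log"}


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, which every real payment card number satisfies."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                              # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def scan_text(text: str) -> dict:
    """Count PII-shaped values in one document."""
    cards = 0
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if 13 <= len(digits) <= 16 and luhn_ok(digits):
            cards += 1
    return {"ssn": len(SSN_RE.findall(text)),
            "email": len(EMAIL_RE.findall(text)),
            "card": cards}


def scan_path(root: str) -> dict:
    """Map each file (relative to root) with at least one hit to its counts."""
    hits = {}
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            if os.path.splitext(name)[1].lower() not in SCAN_SUFFIXES:
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="ignore") as fh:
                counts = scan_text(fh.read())
            if any(counts.values()):
                hits[os.path.relpath(path, root).replace(os.sep, "/")] = counts
    return hits


def build_sample_tree() -> str:
    """Create a temp directory of constructed files mimicking pipeline debris."""
    root = tempfile.mkdtemp(prefix="pipeline_scan_")
    files = {
        "exports/hr_dump.csv": ("employee_id,name,email,ssn\n"
                                "1,Ada,ada@corp.example,123-45-6789\n"
                                "2,Alan,alan@corp.example,987-65-4321\n"),
        "tmp/orders.json": json.dumps({"order": 77, "card": "4111 1111 1111 1111",
                                       "email": "buyer@corp.example"}),
        "notes/readme.txt": "Nightly export runs at 02:00. Ask the data team for access.\n",
        "tmp/model.bin": "4111111111111111",        # not a scanned suffix, so ignored
    }
    for rel, content in files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(content)
    return root


if __name__ == "__main__":
    for rel_path, counts in sorted(scan_path(build_sample_tree()).items()):
        print(f"{rel_path}: {counts}")
```

A scan like this is a discovery step, not a fix: every hit is a copy of production data that needs an owner, a retention decision, and usually deletion. Pointing it at build agents, shared drives, and object-storage buckets used as staging areas is where it tends to earn its keep.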
Five: Insider threats
Insider threats, both intentional and unintentional, are behind roughly half of data breaches. Whether they result from revenge, greed, or a user clicking a malicious link designed to harvest their credentials, insider attacks often target databases because of all the valuable data they contain. Yet many organizations underestimate the prevalence of insider threats and their potential impact.
To protect a database from insider threats, you need a way to log and detect activity against the database, both authorized and unauthorized (i.e., user activity monitoring), because an insider’s access is by definition legitimate and only the pattern of use gives them away. Then you need a way to alert on potential issues and investigate them. Finally, you need preventive controls like robust identity and access management (IAM) policies, such as promptly disabling or deleting unused accounts and authorizing access to sensitive data only for those who really need it.
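The following is an added example, not code from the original post or from Buda Consulting, of the detection step: a handful of user-activity-monitoring rules run over database activity log lines. Two of the rules catch the insider cases the section describes, an authorized user pulling far more rows than a person needs and a user reading a sensitive table they are not cleared for; the others catch a disabled account that is still active and privilege changes made outside business hours. The log format is a constructed, simplified one (pipe-separated timestamp, user, database, client IP, action, object, row count); a real deployment would parse its engine's native audit output into the same fields. The allow-lists, thresholds, business hours, and sample lines are assumptions for illustration.

```python
"""Detection rules over database activity log lines (added example).

Log format here is constructed and simplified:
    timestamp|user|database|client_ip|action|object|rows
Allow-lists, thresholds, hours and sample lines are assumptions.
"""
from datetime import datetime

# Who may read each sensitive object (need-to-know).
SENSITIVE_OBJECTS = {
    "hr.employees": {"app_svc", "jsmith", "hr_analyst"},
    "hr.salaries": {"payroll_svc", "hr_analyst"},
}
BULK_READ_ROWS = 10_000                       # more rows than one person needs at once
READ_ACTIONS = {"SELECT", "COPY"}
PRIVILEGE_ACTIONS = {"GRANT", "REVOKE", "CREATE USER", "ALTER USER", "DROP USER"}
BUSINESS_HOURS = range(8, 18)                 # 08:00-17:59 UTC
DISABLED_ACCOUNTS = {"tsmith", "old_dba"}     # owners have left; accounts should be gone


def parse_line(line: str) -> dict:
    """Split one constructed-format line into typed fields."""
    ts, user, db, ip, action, obj, rows = line.split("|")
    return {"ts": datetime.fromisoformat(ts.replace("Z", "+00:00")), "user": user,
            "db": db, "ip": ip, "action": action, "object": obj, "rows": int(rows)}


def _alert(alerts: list, event: dict, line_no: int, rule: str) -> None:
    alerts.append({"rule": rule, "user": event["user"],
                   "object": event["object"], "line": line_no})


def detect(lines) -> list:
    """Return one alert dict per rule hit (rule, user, object, line number)."""
    alerts = []
    for n, line in enumerate(lines, 1):
        if not line.strip():
            continue
        e = parse_line(line)
        # Rule 1: any activity from an account that should have been removed.
        if e["user"] in DISABLED_ACCOUNTS:
            _alert(alerts, e, n, "OBSOLETE_ACCOUNT_ACTIVE")
        # Rules 2 and 3: reads of sensitive objects, by the wrong person or in bulk.
        allowed = SENSITIVE_OBJECTS.get(e["object"])
        if allowed is not None and e["action"] in READ_ACTIONS:
            if e["user"] not in allowed:
                _alert(alerts, e, n, "UNAUTHORIZED_SENSITIVE_ACCESS")
            elif e["rows"] >= BULK_READ_ROWS:
                _alert(alerts, e, n, "BULK_READ")
        # Rule 4: privilege changes, escalated when they happen after hours.
        if e["action"] in PRIVILEGE_ACTIONS:
            rule = "PRIVILEGE_CHANGE" if e["ts"].hour in BUSINESS_HOURS else "AFTER_HOURS_PRIVILEGE_CHANGE"
            _alert(alerts, e, n, rule)
    return alerts


# Constructed sample log; users, addresses and counts are made up.
SAMPLE_LOG = """\
2024-06-03T09:12:44Z|app_svc|hr|10.0.4.21|SELECT|hr.employees|1
2024-06-03T09:13:02Z|jsmith|hr|10.0.7.15|SELECT|hr.employees|48210
2024-06-03T10:05:33Z|contractor_x|hr|10.0.9.88|SELECT|hr.salaries|3
2024-06-03T10:06:01Z|app_svc|hr|10.0.4.21|UPDATE|hr.timesheets|12
2024-06-03T14:22:09Z|tsmith|hr|10.0.7.40|SELECT|hr.timesheets|5
2024-06-03T23:41:10Z|dbadmin|hr|198.51.100.7|GRANT|hr.salaries|0
"""

if __name__ == "__main__":
    for a in detect(SAMPLE_LOG.splitlines()):
        print(f"line {a['line']}: {a['rule']} user={a['user']} object={a['object']}")
```

Note what the BULK_READ rule says about the jsmith line: the user is on the allow-list for hr.employees, so an access-control check alone would pass it, and only the row count marks it as worth investigating. That is the insider problem in miniature, and why logging authorized activity, not just failed attempts, is the first requirement above.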
Now That You Know About These Database Security Risks, What’s Next?
The most comprehensive way to identify and prioritize your database security risks is a database security assessment. This cost-effective process covers everything from policies to user rights to auditing your databases for vulnerabilities with automated tools.
For more information on how a database security assessment can reduce your security and compliance risk, contact Buda Consulting.