Good data is the lifeblood of business and depends on robust database systems. Database security is critical to business continuity planning. To adequately safeguard these systems, teams must understand common vulnerabilities and plan accordingly. Here are four security risks to address in any risk mitigation strategy.
Due to urgency or resource constraints, database deployment is often a nail-biting process with too many variables. Upgrades and patches may be done on the fly or with haste, and vulnerabilities can creep in that pose long-term threats. The culprit is often the failure to apply sound security processes.
Deployments often fail due to schemas or files deviating from the production versions. A version control system, or VCS, was either never implemented or was haphazardly used. The VCS schema copy should remain precisely synched with the production schema.
Similarly, many deployments fail due to deployment scripts and files that were updated offline and never integrated into the VCS repository. Teams may overlook software tools versioning, especially if making emergency tweaks under pressure.
Erratic version control frequently leads to inconsistent deployment processes. Varying scripts or interfaces can cause unpredictable behavior that breaks a rollout. It also complicates troubleshooting. A custom database development solution can offset this risk by ensuring that all components work seamlessly together and are systematically maintained.
One critical file to account for is the rollback script or instruction set. The inability to efficiently roll back the database is a potential business showstopper and, therefore, a significant security risk. All scripts and procedural documentation should be tested regularly as part of business continuity planning and be under version control.
Deployments stall when something goes wrong, and a gap exists between the deploy time and the last backup. The impacted data could be permanently lost or corrupted. In this case, either the team neglected to take a snapshot immediately before deployment, or else the backup was corrupt.
These oversights can happen when the deployment seems minor or is addressing an emergency. Ideally, the team takes a snapshot immediately before locking the database and tests it with a restore to an alternate location. The extra time spent up-front to ensure backup integrity could avert an irrecoverable data loss.
In addition to VCS and sound backups, a dedicated test environment helps ensure successful database deployments. It is tempting to share the test region with other applications to save resources, particularly during crunch time. However, applications must be siloed to avoid adding risk to testing or data.
The test region should contain production versions of schemas, files, and the environment. Mismatches can lead to successful tests and yet broken production deployments. Test regions merit the same rigorous maintenance as production environments. Database security depends on it.
Another common security issue is the broken database, often caused by data violating constraints. Constraints are the rules, or properties, defining good data in a column, table, database, or schema.
Typical constraints include requiring a primary key to identify table records and fields to have unique values. A foreign key constraint enforces that a value, such as a city name, references an existing record stored in another table.
A broken database will stall deployments and other critical tasks and, if occurring in production, impact users. Before implementation, checks should be run on data to remove invalid values, duplicates, and broken foreign key references. If possible, constraints should be added one at a time to simplify troubleshooting.
Tips for managing constraints include:
Removing duplicate records. Check for duplicates before applying constraints for unique values.
Avoiding invalid data. Add check constraints to all tables to ensure values meet validity criteria.
Creating scripts that check all constraints. Validation scripts that provide detailed error information greatly simplify troubleshooting and applying fixes.
Testing with production data. If production data is unavailable for confidentiality reasons, create a test copy with sensitive information masked. Otherwise, maintain dummy data that closely mirrors production complexity.
A third security threat occurs when a database becomes inconsistent due to data violating global integrity constraints. This state can prevent access and may require database restoration from backup. Although not all incidences are preventable, adhering to sound processes can avoid those due to poor judgment.
Teams in crisis mode may rely on the command line or homegrown scripts to manipulate databases. A typical scenario is to skirt environment issues or a finicky utility by using the command line to move a database or files.
Unfortunately, bypassing the application's utilities can destroy a database. Depending on the degree of corruption, the database may need to be deleted, recreated, and repopulated with data. A safer approach is to copy a database to its new location, using the proper utilities, and verify the copy's integrity before making it primary.
Other causes of inconsistent databases include:
Unsupported hardware configurations.
Modified installation file variables.
Database recovery failure.
Hardware or software failure.
The fourth vulnerability involves the information technology teams managing databases. These teams require a separation of duties to maintain the checks and balances needed to safeguard sensitive information. Often roles are blurred in businesses of all sizes due to expediency.
Sometimes management takes a black-box approach to information technology, assuming that viable production data means all is well. However, ignoring roles invites human error or outright criminal activity. Internal employees and contractors are involved in most data-related crimes, either intentionally or due to mistakes and weak procedures.
Here are some considerations for a secure team:
Segregation of security management, auditing, database administration, server administration, and backups.
Scheduled and random auditing by a separate tech-savvy team, such as systems analysis, or an external company.
Security simulations to validate that disabling monitoring functions, such as logging, cannot be performed by the same roles with sensitive data access.
Outsourcing custom database development and other software roles to separate them from system administration.
Database security starts with well-trained teams committed to robust processes and clear roles. Human error, combined with a reactive organizational culture, escalates the risk of failed deployments and broken and inconsistent databases. The solution is to plan for security problems now, so when crunch time hits, teams execute with skill and effectiveness.
Chetu, Inc. does not affect the opinion of this article. Any mention of specific names for software, companies or individuals does not constitute an endorsement from either party unless otherwise specified. All case studies and blogs are written with the full cooperation, knowledge and participation of the individuals mentioned. This blog should not be construed as legal advice.
Chetu was incorporated in 2000 and is headquartered in Florida. We deliver World-Class Software Development Solutions serving entrepreneurs to Fortune 500 clients. Our services include process and systems design, package implementation, custom development, business intelligence and reporting, systems integration, as well as testing, maintenance and support. Chetu's expertise spans across the entire IT spectrum.
- See more at: www.chetu.com/blogs