Databases are the backbone of most organizations’ information systems. Whether presented through web applications or thick client applications, access to sensitive data can be contained through security controls embedded in the application.
But what happens when the application fails to enforce security? Web applications can be subject to code injection attacks and databases can be accessed directly through administrative ports. If this occurs, your data is at risk and you can lose:
- Personally identifiable information
- Payment card information
- System information such as passwords and password hashes
- Confidential corporate information
- Information that is public but whose accuracy and integrity are relied upon
Databases need protection independent of any security the front-end application provides. Here’s why:
- A database firewall can protect a database by examining key features of each query and determining whether it is safe, either through predetermined white and black lists or through anomaly detection.
- An application that normally accesses credit card numbers one record at a time can be identified as being hacked when it asks for all credit card numbers in one query.
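The two checks described above, sketched as an added example (not SpearHead Networks' product code): queries are reduced to a shape, compared against shapes learned from normal traffic, and row counts are compared against the learned baseline. The table names `cards` and `password_hashes`, the column names, and the 10x threshold are assumptions made for illustration.

```python
import re

def fingerprint(sql):
    """Reduce a query to its shape: literals become '?', case and spacing are normalized."""
    s = re.sub(r"'(?:[^']|'')*'", "?", sql)   # string literals
    s = re.sub(r"\b\d+\b", "?", s)            # numeric literals
    return re.sub(r"\s+", " ", s).strip().rstrip(";").strip().lower()

class QueryFirewall:
    def __init__(self, denylist):
        # Denylist ("black list"): patterns the application must never send.
        self.denylist = [re.compile(p, re.I) for p in denylist]
        # Allowlist ("white list"): query shape -> largest row count seen in training.
        self.baseline = {}

    def learn(self, sql, rows):
        fp = fingerprint(sql)
        self.baseline[fp] = max(rows, self.baseline.get(fp, 0))

    def check(self, sql, rows=0):
        if any(p.search(sql) for p in self.denylist):
            return "block: denylisted"
        fp = fingerprint(sql)
        if fp not in self.baseline:
            return "alert: unknown query shape"
        if rows > 10 * max(self.baseline[fp], 1):   # assumed threshold
            return "alert: row count above baseline"
        return "allow"

def demo():
    fw = QueryFirewall(denylist=[r"\bpassword_hashes\b"])
    # Constructed training traffic: the application reads one card per query.
    fw.learn("SELECT pan FROM cards WHERE customer_id = 1001", rows=1)
    fw.learn("SELECT pan FROM cards WHERE customer_id = 2002", rows=1)
    return [
        fw.check("select pan from cards where customer_id = 77", rows=1),
        fw.check("SELECT pan FROM cards", rows=50000),   # all cards in one query
        fw.check("SELECT pan FROM cards WHERE customer_id = 9", rows=500),
        fw.check("SELECT hash FROM password_hashes"),
    ]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```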
Many organizations also don’t have a clear idea of the number and location of databases in use. These databases can hold sensitive information while completely open to the network, protected only by a hard-coded and well-known password.
This is where SpearHead Networks can help you find and manage the security of all your databases through our suite of database scanners and database firewalls. If you know or believe you’re storing sensitive information in a database, contact us today to see what we can do to help you define and solve any database security issues you may have.