If you find yourself frequently working with any applications, you already know how important security is: if you are a web developer, the security of your website is obviously one of the most important topics related to it, if you are a database administrator dealing with any kinds of database instances (be it MySQL, MariaDB, Percona Server, Oracle, MongoDB or any other databases), security should be on the table as well.
Why do I Need to Secure My Databases?
Securing your database instances is vital for a reason – if your business is a target of an attack, the security of your database could be the matter between life and death of your business: properly securing database instances is vital for every database administrator or a developer.
In general, database security comes down to a few core points:
- - Ensure that all the accounts associated with all databases have strong passwords. For example, ensure that all of your accounts use passwords with more than 10 characters that include numbers, letters and special characters.
- - Ensure that all the accounts associated with all databases do not have more permissions than necessary (make sure to enforce access control)
- - Avoid storing unnecessary sensitive data inside of a database instance – if you store passwords, make sure they are not stored in plain text, etc. - for example, store all of the passwords hashed with BCrypt instead of storing them in plain text or MD5: BCrypt, generally, will be much slower to crack than MD5.
- - Take backups of your data and ensure they are restorable. All of your backups should be tested too – make sure to restore them via phpMyAdmin or via other measures to ensure that everything works as supposed.
Knowing how to apply these things to secure your database instances is especially important:
- - Once you ensure that all your accounts have strong passwords you can sleep soundly at night knowing that a brute force attack directed at your database is not likely to be successful.
- - Once you properly enforce permissions across all your database instances you can make sure that all the users accessing database instances only know things they should know – even if such accounts would be compromised, damage would be minimal.
- - Once you avoid storing overly sensitive data inside of your database instances, you minimize the risk of the data becoming valuable to an attacker.
- - Once you know that you have properly backed up your data and you know that your backups can be promptly and easily restored, you are slightly less worried about what could happen if the data stored in your database instances would get lost, corruptedcorrupted, or affected by any kinds of issues.
Nonetheless, if you are not very experienced, accomplishing all of these things on your own accord can be difficult. Thankfully, there are tools that can help you out in this space.
Securing Database Instances with dbWatch
As you already know, dbWatch is the one tool that can help you ensure that your databases are operating correctly and ensure that they are available, performant and capable of tackling any issue that might come their way. However, what you might not be aware of is the fact that dbWatch can also be used to ensure the security of your database instances. For example, right click on one of your database instances and click on Management. You will see this screen:
Knowing the crucial details, the Management section of dbWatch provides can be the first step to ensure the security of your database instances. This section of dbWatch provides you with:
- - Information about your database server.
- - Information about the host, socket, and port of your database instance of choice.
- - Information about the version of your database instance.
- - Information where to find the configuration file of your database instance.
- - Information about your database instance uptime, its logical reads, and active and inactive sessions. You can see that in the graph positioned at the top right corner.
- - A pie chart depicting the total size of your databases.
Move over into the Configuration section and you will see information relevant to the performance of your database instance – keeping an eye out on this section could help prevent compromise because if your database is a victim of unauthorized access and you do not even know about it, the overview of it will be able to quickly alert you:
- - Keeping an eye out on the active (or inactive) sessions in your database could be an indicator of compromise or malicious activity: as commands (queries) are run in your database instance, you will be able to observe them all in a table underneath – if you see a query you are unfamiliar with, investigate its cause and if you think it’s not supposed to be executing, right click it and select “Kill session” to immediately terminate it.
- - Keeping an eye out on the sessions used per user could also be a revelation: if these numbers are abnormally high, something is up.
If you want to, you can also dig into the sessions per user by selecting a specific user on the left-hand side:
- - You can also dig into the specialized security side of dbWatch to learn more about the security of your accounts. dbWatch will tell you what user access to what host has, what plugin is used to secure its password, when the password was last changed, if the password expired or not and whether the account is locked or not – just expand the security section:
Keep an eye out on this section to tell if any new accounts are added to your database instances – if you recognize any account that does not belong to the staff of your organization, that should raise a red flag.
Keeping an eye out on the security of your database instances is a near-daily task of every database administrator. dbWatch can minify the time required to keep your database instances available, performant, capable, and of course, secure to tackle any challenge that comes their way – if you are interested in what dbWatch can offer in this space, be sure to try it today or contact support if you are still not sure dbWatch can fill the security void in your database instances or farms.
About the Author:
Lukas Vileikis is an ethical hacker and a frequent conference speaker.
Since 2014, Lukas has found and responsibly disclosed security flaws in some of the most visited websites in Lithuania.
He runs one of the biggest & fastest data breach search engines in the world - BreachDirectory.com, frequently speaks at conferences and blogs in multiple places including his blog over at lukasvileikis.com.