8 Tips for Protecting Your Database | eWeek

8 Best Practices for Keeping Your Database Secure

Database audit
Aug 4, 2016
3 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More


8 Best Practices for Keeping Your Database Secure

1 - 8 Best Practices for Keeping Your Database Secure

As the deluge of data threatens to drown unprepared enterprises, proper data management and protection is a must. Here are tips to keep your data protected.


Don’t Let Your Data Be a Sitting Duck

2 - Don't Let Your Data Be a Sitting Duck

Protecting data at rest through effective cryptography and tokenization is the first step toward effective database security. Where possible, native encryption usually trumps third-party solutions. Best practices that are important include log and temp table protection, key rotation and separation of duty for key management.


Encrypt Data in Motion

3 - Encrypt Data in Motion

Similarly, data in transit to and from the database needs proper protection, so be sure your organization is using up-to-date SSL/TLS encryption protocols. Don’t take it for granted that your database will have encryption; not all of them do.


Create Processes and Policies for Data Governance

4 - Create Processes and Policies for Data Governance

As data spreads across an enterprise, solid data governance is key to complying with regulations such as PCI, HIPAA or SOX. This means understanding where sensitive data resides, ensuring that production data doesn’t sit within less-secure test and development environments, and instituting policies around separation of duties.


Advertisement

Control Who Has Access to Which Data

5 - Control Who Has Access to Which Data

Identity and access management (IAM) controls are the foundation for effective database security. An organization must be able to reliably ensure that users and system-level accounts have access only to the data necessary to get their jobs done. This requires strong password management and validation, as well as technical controls to support authorization and role-based access control (RBAC).


Track Activity to Simplify E-Discovery

6 - Track Activity to Simplify E-Discovery

It’s insufficient to implement role-based access control (RBAC); it’s also crucial to track and log account activity after login to establish a credible audit trail. This is important for compliance and for providing a record of activity should incident responders need to investigate suspicious activity.


Don’t Trust Input

7 - Don't Trust Input

Without some kind of filter for queries coming from web forms and public-facing web applications, databases will remain vulnerable to SQL injection attacks, putting their entire content at risk of a breach. It is important to institute a mechanism, such as a plug-in, to filter suspicious queries to stem the tide against this common and powerful threat.


Keep Your Defenses Up to Date

8 - Keep Your Defenses Up to Date

Vulnerable databases pose considerable risk to the organization. Ensure you have a rigorous patch and maintenance process to keep databases up-to-date and reduce your exposure to attack. If your security solutions in place don’t update frequently, consider swapping them with something else. A solution with a long time between updates won’t patch itself fast enough to keep up with the latest in attacks.


Advertisement

Stay Secure and Save Money With Open-Source Databases

9 - Stay Secure and Save Money With Open-Source Databases

Not only are open-source databases more affordable for more organizations, but they also can be inherently more secure due to the benefit of code transparency and constant vigilance by the open-source community in searching for potential vulnerabilities. This vigilance also tends to turn into faster updates to fix any vulnerabilities that get caught. Rather than one set of eyes, many are involved in keeping on top of bug fixes.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.