
A database is one of the most integral components of any system, and keeping its data both secure and accessible is a demanding task that every business faces today. One of the more recent trends in enterprise security has been the movement away from protecting the perimeter of the network toward protecting data at its source. Today’s corporate environment must provide access to data not only to its employees but also to partners and customers located on separate networks, potentially thousands of miles away. To protect a database system, one must first understand its vulnerabilities. In general, database vulnerabilities fall into the following groups:
Vendor Bugs
Vendor bugs are code exceptions and buffer overflows that allow an attacker to execute malicious commands. These are usually fixed by patches and configuration updates. To remove this vulnerability, stay current on program updates and patches and install them as soon as they are released.
Poor Architecture
Poor architecture is, essentially, an application design in which security was not taken into consideration. This is usually the hardest group to address, because it requires a major redesign and rewrite of the existing platform or application. An example is the use of a weak encryption algorithm.
Misconfigurations
Misconfigurations are caused by choosing database settings that provide inadequate security. Some of these are simply the default settings that come out of the box; others are caused by a lack of thought about which value should be chosen for a given environment variable. An example is the REMOTE_OS_AUTHENT parameter in the Oracle database: REMOTE_OS_AUTHENT = “true” allows non-authenticated users to gain access to your database.
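The practical counterpart to this category is a configuration audit that reads the parameter file and flags the risky values before the instance goes into service. The following is an added example, not code from the original article or from Oracle: it parses a constructed init.ora-style parameter file (plain NAME = VALUE lines, which is an assumption about the file layout) and reports REMOTE_OS_AUTHENT when it is set to TRUE, or when it is not set at all and the default silently applies. The sample file contents, the function names and the "expected value" table are all this example's own.

```python
"""Added example: audit an Oracle init parameter file for the risky setting
named in the article (REMOTE_OS_AUTHENT). Not the article's or Oracle's code.
Assumption: the file uses the plain "NAME = VALUE" pfile layout, with '#'
comments. The sample text below is constructed for the example."""
import re

# Constructed sample parameter file (not from any real system).
SAMPLE_PFILE = """\
# constructed example parameter file
db_name = ORCL
remote_os_authent = TRUE
remote_login_passwordfile = EXCLUSIVE
"""

# Parameter -> (expected value, why the other value is a problem).
# Only the parameter the article discusses is listed; extend as needed.
RISKY_SETTINGS = {
    "remote_os_authent": (
        "FALSE",
        "TRUE trusts the remote client's OS identity instead of database authentication",
    ),
}

_LINE_RE = re.compile(r"^\s*([A-Za-z0-9_.]+)\s*=\s*(.+?)\s*$")

def parse_pfile(text):
    """Return {name_lower: VALUE_UPPER} for every NAME = VALUE line.

    Blank lines and '#' comments are skipped; surrounding quotes are stripped
    so that remote_os_authent = "true" and = TRUE compare equal."""
    params = {}
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        m = _LINE_RE.match(line)
        if m:
            params[m.group(1).lower()] = m.group(2).strip().strip('"\'').upper()
    return params

def audit_pfile(text):
    """Return findings as (parameter, found_value, expected_value, reason).

    found_value is None when the parameter is absent, i.e. the vendor default
    applies and nobody has consciously chosen a value for this environment."""
    params = parse_pfile(text)
    findings = []
    for name, (expected, reason) in RISKY_SETTINGS.items():
        found = params.get(name)
        if found is None:
            findings.append((name, None, expected, "not set explicitly; the default applies, verify it"))
        elif found != expected:
            findings.append((name, found, expected, reason))
    return findings

if __name__ == "__main__":
    for name, found, expected, reason in audit_pfile(SAMPLE_PFILE):
        print(f"{name} = {found!r} (expected {expected}): {reason}")
```

Running it against the constructed sample reports one finding for remote_os_authent = TRUE; removing the line turns that into a "not set explicitly" finding, which is the case the article describes as a default left unexamined.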
Incorrect Usage
Incorrect usage means using applications and tools for malicious purposes to gain unauthorized access to the system. The most common example is SQL injection, one of the most prevalent forms of attack used by hackers.
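SQL injection exists because user input is pasted into the SQL text and therefore parsed as SQL. The added example below, which is not code from the article, shows the same lookup written both ways against a constructed in-memory SQLite table: the "before" concatenates the value into the statement, the fix binds it as a parameter so the database never interprets it as SQL. The table, its two rows and the function names are the example's own.

```python
"""Added example (not from the article): one user lookup, written vulnerable
and hardened, against a constructed in-memory SQLite table."""
import sqlite3

def make_db():
    """Constructed sample table with two made-up rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (username, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user")],
    )
    conn.commit()
    return conn

def find_user_vulnerable(conn, username):
    """The 'before': the value becomes part of the SQL text, so any quote in
    the input changes the statement's structure."""
    sql = "SELECT username, role FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()

def find_user_hardened(conn, username):
    """The fix: the value is a bound parameter. The statement's structure is
    fixed before the value is supplied, so the input is only ever compared as
    data, never parsed as SQL."""
    return conn.execute(
        "SELECT username, role FROM users WHERE username = ?", (username,)
    ).fetchall()

if __name__ == "__main__":
    conn = make_db()
    # Classic textbook demonstration value: a quote followed by a tautology.
    tainted = "x' OR '1'='1"
    print("vulnerable:", find_user_vulnerable(conn, tainted))   # every row comes back
    print("hardened:  ", find_user_hardened(conn, tainted))     # no row matches
    print("hardened:  ", find_user_hardened(conn, "alice"))     # legitimate lookup still works
```

The parameter marker differs between drivers (`?` here, `%s` for psycopg2, `:name` for cx_Oracle), but the rule is the same everywhere: the SQL text is a constant and every value travels separately through the driver.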