individual breaks! Comprehensive management ideas for database security risk protection
Release time: 2022.07.28 | Source: Palladium
1. Current status of database usage
At present, users can access the database in two ways: indirect access and direct access:
Indirect access: Generally, ordinary users open the business system through the web page to perform normal business operations, thereby indirectly accessing the database.
Direct access method 1: Generally, operation and maintenance personnel, managers, and developers access the database through database connection tools such as PLSQL, SQL Developer, and TOAD, so as to directly access the database.
Direct access mode 2: Generally, the operator directly logs in to the operating system where the database is located, and then accesses the local database to directly operate all databases.




2. Databases face security risks
2.1 Indirect access risk
The behavior of accessing the database through an application is generally considered to be a relatively reliable behavior, but there are also security risks.
Risk 1: The business system is breached, illegal users upload code files to access the database, and access the database data through the page, resulting in data leakage and data tampering;
Risk 2: Ordinary user accounts are stolen, illegal users imitate legitimate users to access data, resulting in database data leakage;
Risk 3: Exploiting application system vulnerabilities, SQL injection attacks, and ultimately stealing or tampering with database data.




2.2 Direct Access Risk
The two ways of direct access are to directly connect and access the database through the management tool, and directly log in to the operating system where the database is located to access the local database. In the actual operation and maintenance of enterprises, the security risks faced by the database caused by direct access include:
Risk 1: Account management is loose, and there are situations where multiple users share one account;
Risk 2: The account authority is too large, the access behavior is uncontrollable, and it is impossible to judge whether the behavior is legal;
Risk 3: There may be abuse of database accounts and cannot be detected.



3. Comprehensive management ideas
3.1 Risk governance of indirect database access
Risk 1: The business system is breached, and the code files for accessing the database are uploaded.
Governance idea: Using WEB server protection technology, in addition to matching the signature database, whitelist modeling is carried out for normal business. When abnormal business access or XSS attack occurs, Palladium's next-generation WEB application firewall NGWAF will protect the business system and prevent it. was breached.



Risk 2: Ordinary user accounts are stolen, and illegal users imitate legitimate users to access the database.

Governance idea: strengthen authentication when accessing business systems for ordinary user accounts. It can be combined with certificate authentication technology, and ordinary users need to have authentication UKEY when accessing the business system; or dynamic token technology, which requires data dynamic token code when accessing the business system. The above two methods ensure that users not only have user accounts and passwords, but also third-party certificates and dynamic codes when accessing the business system, which can greatly reduce such risks.


Risk 3: Exploiting application system vulnerabilities, SQL injection attacks, and ultimately stealing or tampering with database data.
Governance idea: At the front end of the application system, use Palladium's next-generation WEB application firewall NGWAF to prevent business vulnerability injection, and for the dangerous behavior of accessing the database through business logic loopholes or code bypassing NGWAF, deploy the database access firewall DAF at the front end of the database. Access, behavior, and business modeling comprehensively defend against database attacks, greatly reducing such risks.



3.2 Risk governance of direct access to the database
Risk 1: Account management is loose, and there are situations where multiple users share one account.

Governance idea: First, try to achieve one account and one user in database management. Second, if there is a shared account in the actual situation, the host user must first log in with the master account to access the database through the tool, and then use the slave account, that is, the database account to run operations. Maintain the database, so as to ensure that each database operation is associated with the actual user, and finally solve the problem that the operation cannot locate the responsible person and the problem of account abuse when the account is shared, but at this time, the illegal SQL statement commands for database operation and maintenance cannot be blocked.


Risk 2: Directly log in to the operating system where the database is located to access the local database, the database operation authority is too large, and there are risks such as misoperation and malicious operations.
Governance ideas: From the management point of view, it is necessary to avoid directly logging in to the operating system for database operations. The host computer for daily maintenance of the database must first pass through the Palladium unified security management and operation and maintenance audit system SMS, and for the database installed on the LINUX host, through the SMS sets SQL statement control on key operations to avoid misoperation or malicious operations, and ensure that the entire process can be audited and monitored.

Risk 3: The account authority is too large, the database authority is abused, the access behavior is uncontrollable, and it is impossible to judge whether the access behavior is legal.
Governance idea: By deploying the Palladium database security operation and maintenance treasure DIM, it can realize the authority management of the operation and maintenance database, block the illegal SQL behavior of the natural person database account, realize the recovery of high-authority behavior, ensure that the operation and maintenance data does not fall, customize sensitive operations, and Access to sensitive business database tables to achieve automatic desensitization, so as not to affect the operation and maintenance of this account, but also to prevent the account's authority from being too large, resulting in the risk of data tampering and data leakage.

4. Suggestions on how to deal with security risks

Security construction should analyze the interests of security threats faced by customers according to the actual situation of users, and build corresponding database security solutions based on the principle of disposing of high risks first, and then disposing of low risks or temporarily not disposing of them. From the perspective of database security operation and maintenance management, operation and maintenance personnel need to protect all database operations from the business level and operation and maintenance level, and combine products and technologies to assist database security operation and maintenance management, and ultimately achieve database security and effective management.


Situation 1: The business system is an intranet system, with many operation and maintenance personnel and many business systems.
At this time, the risk of directly accessing the database is higher, and the business of indirectly accessing the database is also higher. Comprehensive consideration, you can use the combination scheme of [Palladium database security operation and maintenance treasure DIM combined with Palladium's next-generation WEB application firewall NGWAF] to carry out corresponding security operation and maintenance construction.

Situation 2: The business system is an external network system, there are many operation and maintenance personnel, and there are many business systems.

At this time, the risk of application access to the database and the risk of using tools to access the database are both high. Considering it comprehensively, you can use [Palladium database security operation and maintenance treasure DIM + Palladium database access firewall DAF + Palladium next-generation WEB Application Firewall NGWAF] combined solution to carry out corresponding security operation and maintenance construction.

Scenario 3: Based on the overall security of the current database, it is recommended to provide security protection and real-time interception of dangerous operations.
At this time, the above comprehensive product deployment plan can be used to realize all the pre-warning, inter-blocking, and post-event warning of the database from the operation and maintenance level to the business level.



Conclusion:
When discussing ideas for dealing with database security risks with customers, it is recommended to provide corresponding solutions according to the above different scenarios to ensure that data security risks are minimized to the greatest extent possible.
Copyright © 2019 All Rights Reserved Designed
Hangzhou pldsec Network Technology Co