Data Security - 2
gu.edu.eg
Insiders may comprise current or former employees, curiosity seekers, and customers or partners who take advantage of their position of trust to steal data, or who make a mistake resulting in an unintended security event. Both outsiders and insiders create risk for the security of personal data, financial data, trade secrets, and regulated data.
Cybercriminals have a variety of approaches they employ when attempting to steal data from databases:
• Accessing database files that are unencrypted on the disk.
• Exploiting unpatched systems or misconfigured databases to bypass access controls.
• Stealing archive tapes and media containing database backups.
• Stealing data from nonproduction environments, such as DevTest, where data may not be as well protected as in production environments.
• Viewing sensitive data through applications that inadvertently expose sensitive data that exceeds what that application or user should be able to access.
• Human error, accidents, password sharing, configuration mistakes, and other irresponsible user behavior, which continue to be the cause of nearly 90% of security breaches.
Database security best practices
A well-structured database security strategy should include controls to mitigate a variety of threat vectors. The best approach is a built-in framework of security controls that can be deployed easily to apply appropriate levels of security. Here are some of the more commonly used controls for securing databases:
• Assessment controls help to assess the security posture of a database and should also offer the ability to identify configuration changes. Organizations can set a baseline and then identify drift. Assessment controls also help organizations to identify sensitive data in the system, including the type of data and where it resides. Assessment controls seek to answer the following questions:
• Detective controls monitor user and application access to data, detect and block threats, and audit database activity to deliver compliance reporting.
• Preventive controls block unauthorized access to data by encrypting, redacting, masking, and subsetting data, based on the intended use case. The end goal of preventive controls is to halt unauthorized access to data.
• Data-specific controls enforce application-level access policies within the database, providing a consistent authorization model across multiple applications, reporting tools, and database clients.
• User-specific controls enforce proper user authentication and authorization policies, ensuring that only authenticated and authorized users have access to data.
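As an added illustration of the assessment controls described above (example code, not part of the slides): a small Python script that fingerprints a constructed set of security-relevant database settings as a baseline, reports drift against a later snapshot, and classifies columns in constructed sample rows as sensitive by pattern matching. The setting names, the patterns and the sample rows are assumptions invented for the example, not values from any real product.

```python
import hashlib
import json
import re

# Constructed baseline of security-relevant database settings (invented names, not any real product's).
BASELINE = {
    "require_tls": "on",
    "audit_logging": "on",
    "remote_admin_login": "off",
    "min_password_length": "14",
}

# Constructed later snapshot: audit logging was switched off and an unexpected setting appeared.
CURRENT = {
    "require_tls": "on",
    "audit_logging": "off",
    "remote_admin_login": "off",
    "min_password_length": "14",
    "allow_anonymous_read": "on",
}


def config_fingerprint(settings: dict) -> str:
    """SHA-256 over a canonical JSON encoding, so a baseline can be stored as one hash."""
    canonical = json.dumps(settings, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()


def detect_drift(baseline: dict, current: dict) -> dict:
    """Return settings that changed value, vanished, or appeared since the baseline was taken."""
    changed = {k: (baseline[k], current[k]) for k in baseline if k in current and baseline[k] != current[k]}
    missing = sorted(k for k in baseline if k not in current)
    added = sorted(k for k in current if k not in baseline)
    return {"changed": changed, "missing": missing, "added": added}


# Crude patterns for sensitive-data discovery; a production classifier would use many more rules.
PATTERNS = {
    "email": re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$"),
    "card_number": re.compile(r"^\d{13,19}$"),
    "national_id": re.compile(r"^\d{3}-\d{2}-\d{4}$"),
}

# Constructed sample rows standing in for a table sample pulled during an assessment.
SAMPLE_ROWS = [
    {"id": "1", "email": "alice@example.com", "card": "4111111111111111", "note": "vip"},
    {"id": "2", "email": "bob@example.org", "card": "5500000000000004", "note": ""},
    {"id": "3", "email": "carol@example.net", "card": "340000000000009", "note": "late payer"},
]


def classify_columns(rows: list, threshold: float = 0.8) -> dict:
    """Label a column sensitive when at least `threshold` of its non-empty values match one pattern."""
    labels = {}
    if not rows:
        return labels
    for column in rows[0]:
        values = [r.get(column, "") for r in rows if r.get(column, "")]
        if not values:
            continue
        for label, pattern in PATTERNS.items():
            hits = sum(1 for v in values if pattern.match(v))
            if hits / len(values) >= threshold:
                labels[column] = label
                break
    return labels


if __name__ == "__main__":
    print("baseline fingerprint:", config_fingerprint(BASELINE))
    print("drift:", detect_drift(BASELINE, CURRENT))
    print("sensitive columns:", classify_columns(SAMPLE_ROWS))
```

The fingerprint is what you would store alongside the baseline: a mismatch tells you something moved, and `detect_drift` tells you what. The column classifier uses a match ratio rather than an exact match so a few malformed values do not hide a column of card numbers.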
Data security solutions
• Data protection: Reduce the risk of a data breach and noncompliance with solutions to satisfy a wide range of use cases such as encryption, key management, redaction, and masking.
• Data access control: A fundamental step in securing a database system is validating the identity of the user who is accessing the database (authentication) and controlling what operations they can perform (authorization).
• Strong authentication and authorization controls help protect data from attackers. Additionally, enforcing separation of duties helps to prevent privileged users from abusing their system privileges to access sensitive data, and also helps to prevent accidental or malicious changes to the database.
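To make the authentication, authorization, masking and separation-of-duties points concrete, here is an added Python example (not the slides' material): an in-memory SQLite table of constructed customer records, PBKDF2 password verification for authentication, a per-role column policy that masks email and card values a role may not read in the clear, and a check that rejects role combinations defined as conflicting. The roles, the columns and the conflicting pairs are assumptions made for the example.

```python
import hashlib
import hmac
import os
import sqlite3

# Constructed customer records (fake values, not real people or cards).
SAMPLE_CUSTOMERS = [
    (1, "alice@example.com", "4111111111111111"),
    (2, "bob@example.org", "5500000000000004"),
]
# Assumed policy: columns each role may read in the clear; other sensitive columns are masked.
CLEAR_COLUMNS = {
    "support": {"id", "email"},
    "billing": {"id", "card_number"},
    "dba": {"id"},  # administrators run the system but do not see customer data
}
# Assumed separation-of-duties rule: an account must never hold both roles of any pair.
CONFLICTING_ROLES = [frozenset({"dba", "auditor"}), frozenset({"billing", "approver"})]
PBKDF2_ROUNDS = 200_000


def hash_password(password: str, salt: bytes = b"") -> tuple:
    """PBKDF2-HMAC-SHA256 with a random salt; store (salt, digest), never the password."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    """Constant-time comparison so timing does not reveal how many bytes matched."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, digest)


def sod_conflicts(roles: set) -> list:
    """Conflicting role pairs the account holds; an empty list means the rule is satisfied."""
    return [pair for pair in CONFLICTING_ROLES if pair <= roles]


def mask_email(value: str) -> str:
    local, _, domain = value.partition("@")
    return local[:1] + "*" * (len(local) - 1) + "@" + domain


def mask_card(value: str) -> str:
    return "*" * (len(value) - 4) + value[-4:]


MASKERS = {"email": mask_email, "card_number": mask_card}


def open_sample_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, email TEXT, card_number TEXT)")
    conn.executemany("INSERT INTO customers VALUES (?, ?, ?)", SAMPLE_CUSTOMERS)
    return conn


def read_customers(conn: sqlite3.Connection, roles: set) -> list:
    """Enforce the policy in the data layer: refuse SoD violations, mask what the roles may not read."""
    if sod_conflicts(roles):
        raise PermissionError("role set violates separation of duties: %s" % sorted(roles))
    allowed = set().union(*(CLEAR_COLUMNS.get(r, set()) for r in roles))
    cur = conn.execute("SELECT id, email, card_number FROM customers ORDER BY id")
    names = [d[0] for d in cur.description]
    records = []
    for row in cur.fetchall():
        record = {}
        for name, value in zip(names, row):
            masker = MASKERS.get(name)
            record[name] = value if (name in allowed or masker is None) else masker(value)
        records.append(record)
    return records


if __name__ == "__main__":
    db = open_sample_db()
    print("support sees:", read_customers(db, {"support"}))
    print("billing sees:", read_customers(db, {"billing"}))
```

Masking is applied in the data access layer rather than left to each application, which is what gives the consistent authorization model across clients the slides call for; the separation-of-duties check runs before any row is read, so a conflicting role set never gets data at all.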