The Security Risks Associated with Online Access to Databases - Essay Example

Patches are infrequently applied because of the concept that if something is not broken, it doesn’t need to be fixed. Other areas of neglect are poor configuration management such as taking shortcuts, using test databases on production servers, etc. The latter especially leads to even further risks (Chickowski, 2009-8). These and other security lapses make databases vulnerable from worms, automated scanners, etc. Online databases can suffer from buffer overruns and the URLs “allow attacker code to be executed, and generally wreak havoc” (Chickowski, 2009-6).

As for the application design itself, experts have even identified the riskiest packages such as DBMS_SQL, UTL_TCP, and DBMS_XMLGEN within Oracle, and third-party applications can also undermine databases (Chickowski, 2009-8).Simple and expected measures for security are authentication, authorization, and access control. Apart from configuration and patches, more advanced measures are encryption, auditing, monitoring, and data masking essential for enterprise databases. Besides these, other technological solutions are ‘hardening’ the database using features provided by the database vendor, and keeping out non-essential items from the server, including documentation, sample configurations, code files and if possible built-in stored procedures that are unused.

Anything else that cannot be deleted should be disabled instead.The relationship between databases and web applications is based on trust but this can be weakened from SQL injection attacks, thereby permitting further attacks. Even encryption cannot prevent these types of attacks (Chickowski, 2009-8). An awareness of this particular danger is the first step before taking measures to “restrict user transactions to a specific set of pre-written stored procedures” (Chickowski, 2009-6).

The issue of trust also extends to user privileges and access rights. From a security perspective, superusers, who have access to everything, and ordinary users, who overstep their privileges, are concerns and both types of users need to be monitored. It is also possible for someone else to gain access to a superuser account by hacking or social engineering. In fact, the most likely persons to steal, infect or damage data are not hackers but authorized users (Chickowski, 2009-9).A solution in these cases is to retain control by defining precisely “who actually should have access to what kinds of data, and under what circumstances” (Chickowski, 2009-6).

This requires classifying users, “monitor access activity, track usage, and look for anomalies” (ibid). More advanced features that are being developed include “statistical profiling of user access behavior, automatic detection of anomalous activity, and real-time alerting in response” (ibid). Until then, database administrators, security personnel and application developers should take the issue of security seriously and make the best use of existing measures.