With databases becoming more and more complex and companies having to deal with an ever-increasing amount of sprawl, taking steps to bring these assets back under control will be essential to administrators.
This is particularly true when it comes to monitoring solutions and auditing them for compliance requirements, as failing to keep a close eye on databases can cause a number of issues that could be costly and time-consuming to respond to.
Dark Reading noted that database assets are among the parts of a system most likely to draw the attention of auditors, due to issues such as misconfigured settings and undisciplined management practices, a problem that could get worse as the scale of corporations' solutions grows.
"The complexity of today's database environment leaves ample opportunity for configuration and vulnerability trouble that'll torpedo an audit before it's hardly begun," the publication observed. This can lead to significant headaches for administrators looking to ensure their solutions comply with all regulatory requirements.
In order to keep their databases under control, organisations need good configuration management procedures. These include not relying on default settings, uninstalling components that are not used and segmenting data according to risk. Firms should also place a high priority on patching known vulnerabilities as soon as possible and testing regularly for previously undiscovered weaknesses.
Encryption is another area that needs close attention: when information is not encrypted at the database level, it is easier for hackers to extract valuable and confidential details. Even where precautions have been taken, the type of encryption employed will be examined carefully as part of a review.
Ken Pickering, development manager of security intelligence for Core Security, explained: "Many [businesses] fail to encrypt sensitive tables in a database and instead simply rely on whole disk encryption. While whole disk encryption can help prevent leaks in certain IT cases, a SQL injection can easily expose data if the tables are unencrypted."
Other areas that need close management in order to satisfy auditors that expansive database solutions are compliant include strong access controls and comprehensive monitoring tools. If these are not in place, it can be difficult to determine what a user is doing in a database, making it harder to detect unauthorised activity.