Connecting a Bastion Server to a PostgreSQL Server via SSH Tunnel

PostgreSQL is a well-known relational database management system that boasts a secure environment for developers and users. But as remote work continues to be a part of every business’s new normal, IT professionals face a new set of challenges when it comes to managing the security and accessibility of their servers.

Using a bastion server to access a PostgreSQL database adds an extra layer of security. But because bastion servers should act as firewalls, it’s necessary to use a Secure Shell (SSH) tunnel to reduce the private network’s exposure.


How to Protect MySQL Databases from Ransomware Campaigns

MySQL is known for being easy to use and highly secure. That’s why it is the number one choice for many organizations, including the biggest brands like Facebook, Google, Uber, and YouTube. Because it’s open-source, it’s free to use and modify even for commercial purposes. But although it can be very secure, the security features are not always utilized properly.

Cybercriminals are good at finding ways to exploit the masses. Ransomware attacks have penetrated everything from cities, schools, and hospitals to large and small businesses. Victims are tricked into allowing malicious programs into their systems, where those programs lock files until a ransom is paid. Organizations of all kinds that use MySQL and other database management systems are at risk of attacks.


Secure Connection to Azure SQL Database

As a database administrator, I started my journey in deploying managed SQL databases on the cloud, and I highly recommend deploying Azure SQL.

Azure SQL belongs to the family of managed resources on the Azure cloud platform that runs the very familiar SQL Server engine. For most of these database resources, the Microsoft Azure platform takes care of the management, scalability, reliability, and performance recommendations. It also provides the underlying infrastructure to run the SQL Server database engine. Thus, the database administrator can focus on other aspects of work in the cloud.


SQL Vulnerability Assessment

SQL Vulnerability Assessment is a feature available in the latest versions of SQL Server Management Studio (SSMS). This feature is very easy to use and it will show you all the security vulnerabilities and deviations in your SQL database. This is something you can run on your most critical databases to ensure you’re properly following strict security practices and that your client’s databases are in safe hands. In this article, we will describe the process of running these scans against your databases. With the amount of data growing with each year, database security is an important aspect every DBA needs to take care of. The consequences of data breaches are severe, so they may affect your future as a DBA and severely damage your firm’s reputation.

In-depth Exploration of Row Level Security

Introduction

Organizations are becoming more and more concerned about how to reduce the cost of licensing database solutions using consolidation. Some consolidation can be achieved in SQL Server simply by taking advantage of the existing one-to-many relationship between instances and databases. However, there are cases where the solution demands that data is consolidated into one table. In such a case, there may be concerns about how to restrict access to the data.

Row Level Security was introduced in SQL Server 2016 as a solution to scenarios similar to the above. It allows you to restrict access to rows in a table based on conditions defined in an inline Table Valued Function called a Predicate Function. When a Predicate Function is applied to a user table containing consolidated data, the system can be configured to return different data sets to different users depending on their roles, which in turn depend on their job descriptions or departments, for example.


Introduction to Row-Level Security in SQL Server

Why Row Level Security Matters

Prior to SQL Server 2016, table-level security was the default lowest level of security for a database. In other words, a user's access could only be restricted for a table as a whole. However, in some cases we need users to have access to a table, but not to specific rows within the table. Prior to SQL Server 2016, this required custom stored procedures to be written to provide such fine-grained security. However, such stored procedures are prone to SQL injection and other security pitfalls.


Oracle Database Security: Database Auditing

In this article, I will continue with Oracle Database Security and I will present some important facts about standard database auditing, audit triggers, and audit policies in Oracle. Database auditing has two components: monitoring and persistent registration of established database activity sets and events. The purposes of database auditing are non-repudiation, investigation of suspicious activities, detection of problems generated by configurations regarding authorization (resources access), compliance with actual legislation and control.

Database Security in Oracle

It is no secret that information makes the world go round today. If an enterprise takes care of its intellectual property and each employee can easily get the necessary information, the enterprise can hope for growth. If there is chaos in data, the enterprise will fail despite the team spirit.

In this article, we are going to explore the database security basics and examples of information protection in Oracle. The theoretical basics for protecting information in the database, which we are going to consider in this article, will also be useful to people working with other databases.


Setting Database Access Permissions

Server security mainly depends on how correctly you can configure access permissions on objects. Providing a user with excessive permissions may cause many issues. No, a user will not use your errors. Instead, any hacker or I will do this. In this case, you can forget about your tables with data or the whole database.

For some reason, the security of the database is thought of as protection from the outside, such as from a hacker. However, this happens very seldom. I am a programmer in a big company and an administrator does not even think about protecting the server ports, where everything is open. There is a bunch of databases, programs, and even an FTP server on a single server and it has never been hacked over the past 5 years. Fortunately, I persuaded the administrator to deploy the web server on separate hardware. Otherwise, if someone knew the IP address of our main server, any slacker would be able to hack it. Neither the database nor Windows has been patched for several years.
