By Sujain Thomas, Security of Your MySQL Database, Remote DBA
If you have been following database security news, you may have heard of the attacks on MySQL databases.
Such attacks used to be common against the likes of CouchDB, Cassandra, MongoDB, and ElasticSearch. They now target MySQL.
When you come to think of it, no platform is safe. It is up to you to keep your database safe. There are a couple of things you should consider doing.
Don’t leave any ‘open doors’
The key to boosting the security of your MySQL database is to start by minimizing the SQL server exposure. This means you need to cover all the ‘doors’.
Only install the required components and avoid running your server using an account that has local Windows administrative privileges.
A domain account will minimize exposure. What’s more, you need to edit all the default settings. If you are not using some of the default settings, disable them.
Hackers target the default settings in their attacks.
Limit who can access the server
When planning the user and service accounts, you have to be mindful of user accountability. This will help prevent the misuse of privileged accounts.
When you have the option of integrated Windows authentication and the built-in SQL server authentication, go with the integrated Windows authentication.
If you must use the second option, ensure that you have a strong password policy. Avoid the use of shared user accounts for the administrators.
For more security, always use dedicated accounts. If you are still confused about which service to use, consider hiring professional database services.
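As an added example (not from the original article), the account review described above can be scripted against an export of MySQL's own account table. It assumes MySQL 5.7 or later, where `mysql.user` has the columns shown; the function name `audit_accounts`, the sample rows and the placeholder hashes are constructed for illustration.

```python
import csv
import io

# Constructed sample: tab-separated output of
#   mysql --batch -e "SELECT user, host, plugin, authentication_string,
#                     account_locked FROM mysql.user"
# Hashes are placeholders; none of these rows come from the article.
SAMPLE_EXPORT = (
    "user\thost\tplugin\tauthentication_string\taccount_locked\n"
    "root\tlocalhost\tauth_socket\t\tN\n"
    "root\t%\tmysql_native_password\t*PLACEHOLDERHASH1\tN\n"
    "\tlocalhost\tmysql_native_password\t\tN\n"
    "app_orders\t10.0.5.%\tcaching_sha2_password\t$A$005$PLACEHOLDERHASH2\tN\n"
    "report\t%\tmysql_native_password\t\tN\n"
    "old_admin\t%\tmysql_native_password\t\tY\n"
)

PASSWORD_PLUGINS = {"mysql_native_password", "caching_sha2_password", "sha256_password"}
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}


def audit_accounts(export_text):
    """Return a sorted list of (account, finding) tuples for unlocked accounts."""
    findings = []
    reader = csv.DictReader(io.StringIO(export_text), delimiter="\t")
    for row in reader:
        if row["account_locked"] == "Y":
            continue  # a locked account cannot log in, so it is not reported
        user, host = row["user"], row["host"]
        account = f"'{user}'@'{host}'"
        if user == "":
            findings.append((account, "anonymous account"))
        if host == "%":
            findings.append((account, "accepts connections from any host"))
        if user == "root" and host not in LOCAL_HOSTS:
            findings.append((account, "root usable from a remote host"))
        # An empty authentication_string is normal for socket-based plugins,
        # so only password plugins are checked here.
        if row["plugin"] in PASSWORD_PLUGINS and row["authentication_string"] in ("", "NULL"):
            findings.append((account, "password plugin with empty password"))
    return sorted(findings)


if __name__ == "__main__":
    for account, finding in audit_accounts(SAMPLE_EXPORT):
        print(f"{account}: {finding}")
```

Each finding maps to a fix on the server side: drop or lock the account, restrict its host, or set a password that meets your policy.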
Plan database ownership as well as data security in advance
The mistake most people make is making alterations as they go. When it comes to the security of your database, this is not something you should do.
You have to plan everything in advance.
You need to begin by identifying the needed level of protection as well as encryption for your MySQL database.
This is more so if you will be dealing with sensitive data such as credit card or patient health information.
Making sure that you have all the information on data confidentiality will also help. Assign distinct database owners; this simply means that you should not use the same login for all accounts.
There should also be a single, consistent process for new database requests and approvals.
Patch your SQL servers regularly
For added security, you have to come up with a patch management plan.
Remember that attackers are actively looking for more efficient ways of breaking into IT systems.
A sound patch management plan will make sure you have implemented the right safety measures to keep malware and viruses out.
Make sure that you have the latest updates at all times.
Improved MySQL database security calls for a thoughtful policy. You have to be proactive in all your actions. The mistake you can make is assuming that your servers are impenetrable.
It is wise to keep checking the soundness of your databases and to implement new security measures as soon as they are available to you.
About the Author
Sujain Thomas is a DBA expert offering database services in California.
She takes pride in helping her clients secure their databases and also sharing information on database security.