Database Security

Articles, posts and news about data security.


Security Vulnerability Advisory

During routine internal security testing, a remotely exploitable issue was discovered. This issue has been addressed and is available in release: 4.0.5

Please feel free to browse and read about Database Security in the articles on this page. Take a peek at the upcoming events, see some use cases, read industry reports, or listen to our most recent podcasts.

Get started for free Download or Cloud Hosting
RavenDB database security methods

RavenDB Database Security Methods

16 minutes
With cybercrime estimated to have cost the global economy over one trillion USD in 2020, database security has never been more relevant. To properly secure a database, data must be protected both in transit between server and node, and at rest on the server.
RavenDB secure by default document database

Why Databases are Still Getting Hacked

7 minutes
After suffering waves of cyber-attacks, major NoSQL Databases are still getting hacked into. Discover what a database needs to consistently protect your data.

What is Database Security?

Database security include all the processes, tools, compliance policies, and audits employed to protect a database and the information it contains from external threats and unauthorized use.

Database security includes security measures to protect the database system, its users and certain applications used to access it.

Over the last decade, there have been a number of significant data breaches that have compromised the personal information and payment details of hundreds of millions of people worldwide. As a result, all large enterprises and most small businesses require a robust security apparatus be active at all times. Vendors to such organizations must also demonstrate that the data they share is also adequately protected.

RavenDB Cloud Hosted DBaaS

Spin up a remote database cluster in minutes with RavenDB Cloud.

Try out a Hosted Database as a Service (DBaaS) that covers all of your back-end chores, freeing you to focus primarily on what to do with your data. Using RavenDB Cloud NoSQL database, you can enjoy all of the features RavenDB offers without having to jump through hoops to get everything set up and secure.

  • Try RavenDB on Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP).
  • Enjoy automatic instance, setup, maintenance, and upgrades.
  • Protect your data in transit and at rest with top-level encryption. Maintain your data at all times with automatic failover, data backups, and X.509 authentication and authorization.
  • RavenDB Cloud is available in free, development, and production level tiers. You also can create your own custom plan.
  • Expand your database cluster to every corner of the world. Keep latency low and performance high to all of your users at any location.

Get Started

Database Security Best Practices

Employing best practices will minimize the points of vulnerabilities in your system while reinforcing those areas where your data is most protected.

Firewalls. A database firewall will deny access to general traffic by default. Traffic must come from a specific point like an approved application or server. A firewall will also monitor outbound connections from your database to keep everything safe.

Pick the low hanging fruit. Make sure that all security controls offered by the database vendor are enabled and properly configured to your systems unless there is a specific reason for them not to be.

Data Encryption. Make sure that the data in storage is encrypted so third parties cannot gain access to it. This is essential on the cloud because major cloud platforms are run by companies invested in various businesses, making them likely competitors. Make sure that backup data is also encrypted and stored in an independent location. Data should be encrypted both in transit and at rest.

Control Database Access. Database Admins should only have the privileges they need and only when they need it. Make sure you have effective logs of every action taken in your database systems, by whom, and when.

  • Require that passwords include letters, numbers, characters (!@#), and a mix of upper case and lower case
  • Lock accounts after multiple failed attempts
  • Make sure that accounts are immediately deactivated or disabled when staff, consultants, or other users are out of the office or leave their job

Conduct Periodic Audits of your Database Security. Make sure that if an account has been compromised, the damage is contained by reviewing your systems often and checking for non-routine activities by personnel at every level.

The Most Important Features in a Well-Run Database

Many development teams trip over the fallacies of distributed computing. Project Managers are fooled into making decisions based on assumptions like:

  • The network is reliable
  • Latency is zero
  • Bandwidth is infinite
  • The network is secure
  • Topology doesn’t change
  • There is one administrator
  • Transport cost is zero
  • The network is homogeneous

We fall into the trap of these assumptions because we develop our projects on a single local computer where all of these “rules” seem to apply. Once we go to production under a globally distributed system, your system can unravel.

Going live should be a seamless and exciting experience. In this webinar, you will discover what you need in your database to make sure that happens.

See the Webinar