Don’t be hard-headed… Harden your PostgreSQL database to ensure security

When it comes to database security, the risk is definitely not worth the reward. Being hard-headed about database security procedures can not only disrupt your business and cost you millions, but it can make irreparable damage to your customer relationship and public identity. How important is the security of your data to your organization

Nearly 90% of respondents in the 2017 Nexia International Global Cybersecurity Report  stated that cybersecurity is a top or moderate concern for their organization, yet only 53% reported having a formal cybersecurity plan in place. Even more alarming is that 20% of respondents that are required by law to have a formal Cybersecurity Plan do not actually have such a program in place [1].

It’s obvious that the need for cybersecurity plans and procedures is acknowledged by most businesses, yet only few actually allot budget to action such plans. Apart from the legal ramifications of an insufficient security strategy, the negative impact that a breach can have on a business can be extremely costly.  According to Microsoft, a data breach will cost the average company about $3.8 million [2], not to mention the negative impact it can have on the business in the years following if such a breach becomes public knowledge.

Gartner predicts that there will be 21 billion connected devices in the world by 2020 [3] – which means increased surface area vulnerable to cyber attack. Not only is personally identifiable information at risk, but stricter regulations (GDPR, anyone?) are now requiring more stringent data security measures for compliance.

Determining breach points in your database is the first step towards improving the security of your infrastructure to avoid being impacted by vulnerabilities that can be prevented. An investment in the proper database security is the insurance you cannot afford (literally) not to have.

Evaluating the security of your database can ensure SLAs are met, classify vulnerabilities, validate the security of backups and backup channels, identify outdated software and libraries, and optimize logging & auditing to ensure logging/auditing configurations are capturing the necessary information to prevent a breach or identify where/when a breach happened if one did occur.

New types of malware are being developed every day; so it would be reckless not to have preventative measures in place for known vulnerabilities at minimum. The best defense is a good offense – don’t wait until your business is disrupted by an attack.

Take preventative measures to identify vulnerabilities and harden your database against attack. Something as simple as a Database Security Audit could help give you an idea of where to make improvements.

[1] http://nexia.com/assets/files/Global_Cybersecurity_Report_2017.pdf

[2] http://thebestvpn.com/cyber-security-statistics-2018

[3] http://www.gartner.com/doc/3299317