PostgreSQL Database Security Audit
Identify and address security threats to harden your database
Identifying breach points is the first step towards improving your database security so that your business is not impacted by its vulnerability. A PostgreSQL Database Security Audit identifies and addresses security threats to harden your PostgreSQL database and infrastructure.
Hardening your database will assist in your efforts to comply with regulations and standards such as GDPR and PCI DSS. A vulnerability assessment of your network and application components will help you identify and address system weaknesses. This in turn helps prevent breaches caused by malicious attacks such as ransomware or database injection, as well as by human error.
5 Good Reasons to get a PostgreSQL Database Security Audit
- Ensure SLAs are met. Data security is key for any organization’s credibility. Ensuring that SLAs are met maintains integrity with customers while also meeting long-term business goals.
- Classify Vulnerabilities. All systems are vulnerable to attack. Identifying vulnerabilities and securing them properly will help prevent system breaches.
- Validate Security of Backups and Backup Channels. Backups of data are just as important as the live data and must meet SLAs, so it’s important to audit and secure the backups and backup channels regularly.
- Identify Outdated Software and Libraries. Outdated software and libraries are practically an invitation for hackers. It is important that the database and all libraries it is dependent on are up to date so nothing can be breached via known security holes.
- Optimize Logging/Auditing. Ensure logging and auditing configurations are capturing the necessary information to prevent a breach or identify where/when a breach happened if one did occur.
What’s Covered
A Security Audit with 2ndQuadrant evaluates and analyzes your system’s security, documents vulnerabilities discovered, and provides a customized report that includes recommendations and prioritized remediation steps. This vulnerability assessment covers the following areas:
- Operating System Security. To have a secure database you must first have a secure operating system. Our experts will recommend measures you can take so your system’s OS is protected from remote hacking or malware.
- Network Security Strategy. We analyze firewall levels and provide a customized strategy for implementing measures that need to be in place to prevent any unauthorized access to your system.
- User Authentication Levels. Authentication is the most common method of identifying unauthorized access. Our experts look at your business and recommend unique authentication levels to ensure each user only has the required access.
- Schema Level Security. We analyze user entry points and recommend a method for defining privileges within the system schemas to establish clear boundaries and prevent trespassing.
- Data Encryption. Encryption is another way to protect the information on your database. Encryption is a wall of complex code requiring a security key to gain access. We provide recommendations on how to best encrypt your system so potential hackers can’t decipher your data.
- Backup Security. Data backups are a frequent target of attackers. We evaluate your backups and validate that their entry points are as secure as the primary data.
- Row Level Security. We suggest policies to specify the information each user is allowed to access. We review the way each type of user is able to interact with your data, and recommend a plan to restrict access for users when necessary.
SQL Firewall
In an increasingly connected world, the surface area for possible cyber threats is multiplying daily, creating a critical need for more sophisticated data security procedures. SQL Firewall is an easy-to-use PostgreSQL extension, developed by 2ndQuadrant, for statement-level whitelisting for individual users. SQL Firewall is available to all 24/7 Professional Support customers.
Database Security Knowledge Base
Whitepapers
Security Best Practices for PostgreSQL
Learn how to harden your PostgreSQL database cluster by developing a deep understanding of the security features available and a checklist of industry best practices.
Practical Applications
Leading Data Security Company partners with 2ndQuadrant for distributed database application
2ndQuadrant partnered with reputable data security company Gemalto (a Thales company) to provide unprecedented security and compliance for the most important business asset of any organization — their data.
Videos
Webinar: Using SSL with PostgreSQL and pglogical
The webinar was held on November 13, 2019, and covered the following topics: What SSL provides – encryption and authentication, Levels of SSL verification, Client certificates and server certificates, Use of self-signed certificates for testing, Creation and use of Certificate Authorities, Use of intermediate Certificate authorities, SSL cipher suites, Server settings for SSL, libpq settings for SSL, Multi-factor authentication with client certificates, Setup of pgbouncer with server and client certificates and Delegation of authentication to pgbouncer using a map.
Webinar: Security and Compliance with PostgreSQL
This webinar was held on April 24, 2019, and covered the following topics: Advanced features for security in PostgreSQL, PCI compliance, Backup security, Schema level security, and Row-level security.
Webinar: Banking On Postgres – Financial Application Considerations
This webinar was held on January 29, 2019, and covered the following topics: Attributes of Financial Databases, Selecting Hardware, Maximizing Resources, Addressing Throughput, Incorporating Maintenance, High, Higher, Highest Availability and Backups.
Webinar: Database Security in PostgreSQL
This webinar was held on September 12, 2018, and covered the following topics: Introduction to Database Security, PostgreSQL Security Architecture, Postgres encryption, mandatory access control, roles, privileges, and more.
Training
PostgreSQL Security
This training course highlights the importance of database security within an enterprise. You will also learn how to harden your database, so that you don’t become a victim of a malicious attack.
Migration to PostgreSQL [Webinar]
By Liaqat Andrabi. Among the many reasons to Migrate to PostgreSQL, dedicated support and seamless transition are key drivers for a business considering migration. Being open-source software, PostgreSQL provides a highly reliable, stable, scalable, and secure database migration, keeping in mind the unique needs of every business. Migration to PostgreSQL, however, can still be an extensive process as […]
Security and Compliance with PostgreSQL [Webinar]
By Liaqat. For businesses handling personal data, the security of their database is a serious matter. Faced with an increasing number of attacks, organizations must improve their security and compliance policies, enhance their database infrastructure, and ensure all proper security protocols are in place. As part of the ongoing PostgreSQL Webinar Series, 2ndQuadrant hosted a webinar on […]
A tale of password authentication methods in PostgreSQL
By Peter Eisentraut. Let’s say you want to implement a password authentication method in a client/server protocol. How would you do that and what would be the possible problems? The following is the story of how this was done in PostgreSQL.
password
In the beginning, PostgreSQL only had the method that is now known as "password" in pg_hba.conf. […]