How Database Security is different in the Cloud
Every cloud provider delivers basic security, plus organizations implement various security tools such as network firewall, Web Application Firewall (WAF), Intrusion Detection System (IDS), Intrusion Prevention System (IPS), etc. However, these tools provide only perimeter protection and not actual database protection, so database contents remain vulnerable to outside and inside threats.
To ensure database protection DBAs are required to perform a whole set of activities: user authentication, setting up privileges, monitoring database activity, database access control, intrusion prevention, data masking, etc. Providing cloud database security, however, can be problematic and traditional defenses will not fly, because DBaaS does not provide OS control. Therefore, agent-based solutions cannot be installed.
The effective way to close this gap and achieve database security in the cloud is to use a proxy firewall. The firewall is positioned between the application users and the cloud database and eliminates their direct communication. The proxy intercepts and filters inbound and outbound traffic to block activity that contradicts with configured set of security rules. It monitors all actions, from basic login events up to admin commands.
DataSunrise Database Security
DataSunrise provides database security solution for organizations running their databases on SQL Azure and Amazon RDS. Proxy firewall enables to automatically discover and mask sensitive data stored in the database (credit card numbers, SSN, tax Ids, e-mails, authentication credentials, etc.). It blocks SQL injections in real time, monitors database activity performed by both users and DBAs and restricts database access based on user, IP, time, date, etc.
Adopting DBaaS helps companies to increase business agility and reduce costs. The right security tools ensure that while migrating to the cloud your organization remains compliant with regulatory requirements and your cloud-hosted databases are fully protected.