How to Mitigate Human Risks in Database Security?
According to IBM’s 2021 Cost of a Data Breach Report, human error is the top cause of data breaches. While much attention in the security world is placed on malicious attacks, it’s worth noting that breaches caused by human error can have consequences that are just as serious.
The practice shows that security breaches can be very costly for not only your reputation but also your bottom line. According to IBM’s 2021 Cost of a Data Breach Report, the global average cost of a data breach for the 2021 is $4.24 million, a 10% increase from the 2020 study. Just as it was last year, the most expensive country in terms of average total cost of a data breach is the U.S. at $9.05 million, more than twice the global average.
But don’t be afraid, you can decrease the possibility of data breach by mitigating the easily avoidable human factors of cyber security. Just follow our tips.
1. Educate Your Employees
There are many ways a bad guy can break into your system through social engineering. Social engineering is the use of media to manipulate people into giving up confidential information. Here are some examples:
- Spear Phishing: a variation of phishing which is more successful than regular phishing. Highly customized emails are typically sent to a much smaller number of potential victims to use familiarity to involve the victim into the scam.
- Reverse Social Engineering: for this particular strategy, a hacker attacks a company’s network and claim to have found the source of the hack in order to offer help in repairing it. If the help is accepted, the hacker then get access to the system.
- The Friendly Hacker: is a more recent style of social engineering that focuses on email or social media accounts. Here a hacker tries to access an account and search their messages for any kind of PDFs, video files, or other kind of downloadable content. A malicious code can be embedded into another document, labeled as an “updated version,” and this file then will be sent to the unknowing victim to open. One key to take note of here is that the initial victim is not always the target, but more higher-ranking employees are the ultimate target.
2. Utilize a Change Detection Software
This kind of automated software detects processes, flexible response options, and auditing capabilities to make it a powerful cyber security tool. This kind of software can also help you identify:
- Who made the change
- What changes were made
- Where the changes reside
- When the changes had taken place
- How the change was implemented
Note that you can use DataSunrise’s Data Audit feature together with a SIEM system of some kind to track changes made in database tables.
3. Build Your Business System on a need-to-know Basis
Remove excessive privileges – all your employees should have access only to that database objects they need for their work.
- Use dedicated security software which helps you to reveal and remove excessive privileges.
- Use a database firewall. Note that DataSunrise’s Database Firewall can protect your database objects from been accessed based on database usernames, client application names and based on the source of incoming queries.
- Use on-the-fly masking for controlling access to your sensitive data. Note that DataSunrise features both Dynamic and Static Data Masking.
4. Track Your Employees’ Actions
- Deploy a Database Activity Monitoring system to track all your employees’ actions and ensure that your employees don’t try to access the data they don’t need to access. This means not only regular employees, but administrators as well.
Note that DataSunrise features such a system – Data Audit. DataSunrise includes self-learning engine that can be used to learn normal user behavior and create white lists and black lists of queries.
5. Implement Reliable Password Management
- Create strict rules for password usage, including a minimum length, a ban on complete dictionary words, and a requirement to use different character types (including uppercase and lowercase letters, numbers and keyword symbols).
- Implement technical safeguards to enforce appropriate passwords and changes. Address policies and penalties for employee password sharing in your security policy. Fully encrypt all stored passwords according to security standards such as PCI DSS.
6. Enforce Multiple-Factor Authentication
Single-factor authentication can cause undetected unauthorized access for long periods of time, so additional authentication factors may be necessary for security.
- Implement, at a minimum, a two-factor authentication for users. Note that DataSunrise provides two-factor authentication mechanisms for database access.
7. Compromised Personal Digital Devices
Bring Your Own Device (BYOD) means using personal smartphones, tablets and laptops to perform business tasks, and access sensitive information. Creating a BYOD policy is an important component of mitigating the human risk to security – allowing employees to use their own devices in a secure and tightly controlled way. Local storage of sensitive data can be prevented, and secure work applications can be used to protect the device’s contents.