6 Database Security Best Practices

Medium – Talha Khaild

Separate Database Servers
- House databases on separate containers/servers from websites/applications
- Use non-default communication ports and HTTPS proxy servers
- Implement network micro-segmentation for database servers

Database Firewalls
- Use database-specific firewalls that deny access by default
- Only allow traffic from defined approved sources
- Control firewall rule changes via change management

Secure Access
- Minimize users/apps allowed to access databases
- Require authorization for all database access
- Follow principles of least privilege and least time

Database Hardening
- Strengthen passwords, access controls, encryption
- Disable unnecessary services/functions
- Separate sensitive data into different tables

Continuous Monitoring
- Monitor logs for logins, privilege changes, data access
- Use SIEM tools for security alerting
- Implement database activity monitoring (DAM)
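
A sketch of the log checks listed under Continuous Monitoring (logins, privilege changes, data access), added here as an illustration and not taken from the original article. The key=value log format, the approved network 10.20.0.0/24, the payment_cards table and the threshold of three failures are assumptions, and the sample lines are constructed.

```python
import ipaddress
import re
from collections import Counter

# Assumed values for this sketch: approved client network, sensitive table, threshold.
APPROVED_SOURCES = [ipaddress.ip_network("10.20.0.0/24")]
SENSITIVE = re.compile(r"\b(payment_cards)\b", re.I)
FAILED_LOGIN_THRESHOLD = 3
PRIV_CHANGE = re.compile(r"\s*(GRANT|REVOKE|(ALTER|CREATE|DROP)\s+(ROLE|USER))\b", re.I)
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

# Constructed sample in a simplified key=value audit format (not a real DBMS format).
SAMPLE_LOG = """\
ts=2024-05-01T10:00:01Z event=login user=app_rw src=10.20.0.15 result=ok
ts=2024-05-01T10:02:10Z event=login user=admin src=203.0.113.7 result=fail
ts=2024-05-01T10:02:12Z event=login user=admin src=203.0.113.7 result=fail
ts=2024-05-01T10:02:15Z event=login user=admin src=203.0.113.7 result=fail
ts=2024-05-01T10:05:00Z event=query user=app_rw src=10.20.0.15 sql="SELECT id FROM orders"
ts=2024-05-01T10:06:30Z event=query user=dba src=10.20.0.9 sql="GRANT ALL ON payment_cards TO app_rw"
ts=2024-05-01T10:07:45Z event=query user=report src=10.20.0.30 sql="SELECT * FROM payment_cards"
"""

def parse(line):
    """Turn one key=value line into a dict; quoted values may contain spaces."""
    return {key: quoted or bare for key, quoted, bare in FIELD.findall(line)}

def detect(log_text):
    """Return (alert_type, user, detail) tuples for events worth reviewing."""
    alerts, failures, seen_sources = [], Counter(), set()
    for line in log_text.splitlines():
        ev = parse(line)
        if "event" not in ev:
            continue
        user, src, sql = ev.get("user", "?"), ev.get("src", ""), ev.get("sql", "")
        try:
            approved = any(ipaddress.ip_address(src) in net for net in APPROVED_SOURCES)
        except ValueError:
            approved = False  # a missing or malformed source counts as unapproved
        if not approved and src not in seen_sources:
            seen_sources.add(src)  # alert once per unapproved source
            alerts.append(("unapproved_source", user, src))
        if ev["event"] == "login" and ev.get("result") == "fail":
            failures[(user, src)] += 1
            if failures[(user, src)] == FAILED_LOGIN_THRESHOLD:
                alerts.append(("repeated_login_failure", user, src))
        elif ev["event"] == "query" and PRIV_CHANGE.match(sql):
            alerts.append(("privilege_change", user, sql))
        elif ev["event"] == "query" and SENSITIVE.search(sql):
            alerts.append(("sensitive_data_access", user, sql))
    return alerts
```

Calling `detect(SAMPLE_LOG)` returns four alerts; in practice the same rules would run in the SIEM or DAM tool against the database's real audit log format.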

Test Database Security
- Perform continuous patch management
- Use provider security testing tools

Link: https://faun.pub/6-database-security-best-practices-1e88af5facc5

