Secure databases in complex backend systems with these 5 best practices

  • Keep application and database servers on different physical machines, with a high-performance host for the apps and high-level security for the databases.
  • Set up web application firewalls and anti-malware and anti-ransomware solutions for the database server, and review them regularly. Turn off any services not frequently used.
  • Encrypt data at rest on servers with a private key, and also encrypt it before transit.
  • Limit the number of users accessing the database. Allow access only when required. Maintain and monitor activity logs. Keep database credentials hashed and salted.
  • Patch the OS and third-party software, APIs and plug-ins to the latest versions. Remove or deactivate unused apps.
  • Schedule regular backups and use a database proxy to accept requests only from trusted sources.
