SECURITY OF THE DATABASE
When planning the data center protection, we often make a mistake by relying heavily on perimeter protection and believing that developers who have developed applications have covered all security vulnerabilities.
About the solution
Although the protection achieved by good programming practices is very important, such as sanitizing user input, authentication or timer defining against brute-force and DDoS attacks, it is not sufficient to protect against all types of attacks. Therefore, in the planning of infrastructure protection, we leave aside those servers that contain key data for the company.
A very important item in protection is using the current patch on the servers where the application is located. This eliminates most of the well-known vulnerabilities and reduces the scope of the attackers. As an additional level of protection, it is recommended to use the Web Application Firewall (WAF), which will be able to extract information such as user ID, session cookie, browser type, IP address, location and all other metadata that they could point to an attacker. A good WAF solution will have the ability to learn about the normal behavior and use of the application, and will therefore be able to detect irregularities in communication and block them.
McAfee Data Center Security
Organizations store their most valuable and most sensitive data in the database, but the basic security of the database does not protect you from today’s sophisticated hackers or potential internal threats. Research shows that 96% of downturn records include databases, and 66% of the decline remains undiscovered for several months and longer. McAfee automatically locates databases on your network, protects them, and helps you build a security policy tailored to your environment.