Chapter 6. Security

In this chapter, we’ll cover

  • Authentication modes
  • Secure networking
  • Least privilege
  • Auditing and Change Data Capture
  • Data encryption

As you learned in chapter 1, successful database administration involves designing and executing tasks that ensure that a database meets four key criteria: security, availability, reliability, and recoverability. This chapter is dedicated to the first of these criteria, security, and we’ll address this topic from a range of perspectives.

Before we begin, it’s important to note the difference between a secure environment and a convenient one. A convenient environment, in which developers, users, and database administrators are free to go about their business unhindered, is usually an insecure one that often ends in disaster, intentional or otherwise. In contrast, a secure environment is one in which complaints about “how long it takes to get stuff done” aren’t uncommon. The key is striking the balance between security and productivity.

6.1. Authentication mode

6.2. Networking

6.3. Implementing least privilege

6.4. Auditing

6.5. Data encryption

6.6. SQL injection protection

6.7. Best practice considerations: security