Databases usually provide the largest amount of marketable data in an enterprise, and the least secure databases are the first ones to get attacked. However, doing certain things can lessen the risk.
- Find the database servers: These may not only be in the data center, but also in embedded systems, research and development labs, and test environments which often mirror production servers down to their most sensitive information.
- Lock all database servers down: This includes firewalls to limit which who or what has access to the server and patching regularly against new threats, as well as making sure web applications backed by a database contain secure coding.
- Turn on auditing capabilities: Often turned off to attempt improving performance, auditing makes investigating possible breaches easier and helps with compliance.