Cyber Defense eMagazine November 2020 Edition

More documents

Recommendations

Info

#3 Delete “default” and sample databases. The word “default” is the playground for cybercriminals. Those who have suffered cyber breaches will know, it can nearly always be replaced with the phrase insecure: default passwords are weak passwords; default settings are unsafe settings. If there is a default anything in your environment – always delete it. #4 Strong passwords are essential. Again, another seemingly mundane and straightforward action, but one that is the most overlooked. Default or weak passwords attract cybercriminals like bees to honey. Change passwords often, use unique passwords for different projects, make sure passwords are strong, and very importantly, change all default passwords. #5 Use role-based access control (RBAC) and Active Directory. Control privileges to both administrative activities and data access with fine-grained access control. Also, protect user credentials and manage them at a centrally controlled place with Active Directory. #6 Encrypt your data in-transit, on the wire, and at rest: Make sure that your data is encrypted as it travels over networks during client-server communications or when it is being replicated within the database server or being replicated between database servers in different data centers/zones/regions. Likewise, you should encrypt the data when it is stored for persistence. These measures prevent unauthorized access to data at all levels. #7 Use updated TLS Ciphers. Transport Layer Security (TLS) enables secure network communications. This security can be further enhanced by using updated versions of the ciphers and/or by picking customized ciphers. On top, a well-thought-out policy for certification expiration/rotation/revocation should also be implemented. #8 Limit port access. Allow firewalled access to the minimum set of network ports that are needed for your database to work. #9 Report security issues immediately. If your database has been breached or you think there may be a security flaw, report it. Immediately. There is a community of people out there that can offer you advice and benefit from this information. Security is always better when we pool resources and work together as an industry – keeping us one step ahead of cybercriminals. A problem shared Hackers and cybercriminals are always going to be part and parcel of our business life. It is a bleak reality. We need to invest in education and adopt best practices, and we need to acknowledge that ensuring compliance and adopting good security policies is an industry-wide responsibility. For those of us deploying, implementing, and developing on databases, this is even more relevant. From web, mobile, and app developers through to C-suite and technology executives, everyone involved in databases has responsibility for ensuring they are secure. NoSQL vendors also have a responsibility to ensure that their systems provide users with the tools to secure themselves better and secure their services by default. Cyber Defense eMagazine – November 2020 Edition 66 Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.
If the recent spate of attacks is anything to go by, it is unrealistic to think that NoSQL data breaches and leaks are a thing of the past. Instead, we need to view each one as a reminder for businesses to take database security seriously. About the Author My name is Jack Harper, I am the Director of Professional Services at Couchbase. Jack Harper is a leader on the Professional Services team at Couchbase, where he leverages nearly 20 years of experience identifying, mitigating, and resolving technical issues as well as architecting and implementing solutions for customers. His background also includes extensive experience with software testing and QA best practices and methodologies as they relate to various implementations of the SDLC (Agile, XP, RAD, waterfall). Jack is a Certified PMP (Project Management Professional) with 6+ years’ experience working on software development projects. Jack Harper can be reached online at (TWITTER, LinkedIn and at our company website https://www.couchbase.com / Cyber Defense eMagazine – November 2020 Edition 67 Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
4 Reasons Why Cyber Security Is Imp
Page 3 and 4:
Takeaway from the SANS Institute At
Page 5 and 6:
@MILIEFSKY From the Publisher… Ne
Page 7 and 8:
Welcome to CDM’s November 2020 Is
Page 9 and 10:
Cyber Defense eMagazine - November
Page 11 and 12:
Page 13 and 14:
Page 15 and 16: Cyber Defense eMagazine - November
Page 21 and 22: 4 Reasons Why Cyber Security Is Imp
Page 23 and 24: 2. Reassure Your Customers Your bus
Page 25 and 26: About the Author Gabe Nelson is a c
Page 27 and 28: to higher performance. So she set o
Page 29 and 30: In the Midst of the Pandemic, Cyber
Page 31 and 32: Senior leaders: Use ongoing educati
Page 33 and 34: About the Author Samantha Humphries
Page 35 and 36: That almost always triggers a bigge
Page 37 and 38: More importantly, there are those a
Page 39 and 40: Why Cybersecurity Awareness is More
Page 41 and 42: The Washington Post also revealed t
Page 43 and 44: as far as hosting a “Name and Sha
Page 45 and 46: When these individuals need access,
Page 47 and 48: start of the pandemic. In the same
Page 49 and 50: About the Author Noah Johnson is Co
Page 51 and 52: a new and more serious threat for m
Page 53 and 54: Perfecting Your Cybersecurity Sales
Page 55 and 56: Do your homework For those with tru
Page 57 and 58: Though sales culture won’t change
Page 59 and 60: 2. Plan a Phased Migration When lea
Page 61 and 62: Has Your Data Been Leaked to the Da
Page 63 and 64: Rogue Insiders attempting to steal
Page 65: friendly way for organizations to m
Page 69 and 70: had an attack targeted at them befo
Page 71 and 72: Behind the Scenes of AppSec’s Mis
Page 73 and 74: Next Steps Where we go from here is
Page 75 and 76: Coupled with a wide variety of atta
Page 77 and 78: Zero Trust Model Is Meaningless Wit
Page 79 and 80: Solutions need to take a “decrypt
Page 81 and 82: Automated Pentesting - Ready to Rep
Page 83 and 84: page that you can use to pivot furt
Page 85 and 86: Not even Microsoft is fool proof Wh
Page 87 and 88: Emerging Technologies Create A New
Page 89 and 90: Beyond seamless, frictionless authe
Page 91 and 92: Add a pandemic to fraud prevention
Page 93 and 94: About the Author Robert Capps VP of
Page 95 and 96: Security awareness training should
Page 97 and 98: About the Author Jay Ryerse, CISSP,
Page 99 and 100: IT Outsourcing firm has considerabl
Page 101 and 102: ecognizing parts of your system mos
Page 103 and 104: Server updates can be risky, which
Page 105 and 106: Unlocking the Promise of Packet Cap
Page 107 and 108: About the Author Kathryn Ash is the
Page 109 and 110: DNS and DDoS attack vectors have em
Page 111 and 112: NCSAM Provided an Opportunity to Re
Page 113 and 114: leveraging IT resilience solutions
Page 115 and 116: Many businesses struggle to set up,
Page 117 and 118:
data protection and privacy for use
Page 119 and 120:
Patched Minimizes Risk - But Opens
Page 121 and 122:
Further, DCs often receive patches
Page 123 and 124:
For Federal Agencies, Securing Inte
Page 125 and 126:
C2C allows the DoD to inspect every
Page 127 and 128:
The following are documented cybera
Page 129 and 130:
About the Author Ryan Benner is Vic
Page 131 and 132:
How Is Video Intercom Being Used in
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Page 141 and 142:
Meet Our Publisher: Gary S. Miliefs
Page 143 and 144:
FREE MONTHLY CYBER DEFENSE EMAGAZIN
Page 145 and 146:
Nearly 9 Years in The Making… Tha
Page 147 and 148:
Page 149 and 150:
show all

Cyber Defense eMagazine November 2020 Edition

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?