Database security
Database security
Database servers should not be accessible from the internet. In an ideal configuration, the application server will have separate NICs for public and private traffic.
Database logins should be used to minimize database access rights whenever possible. These logins should be used within application server data source configurations, which themselves should be limited to minimum execution rights.
Stored procedures can be used as a database interface; if used exclusively, access can be granted only for those procedures, preventing direct access to tables.
Access to extended stored procedures should be minimized.
Home
Speakers
Maps & Hotels
Photos
CF Conf Central
Please send comments/questions to
[email protected]