Microsoft’s Cosmos DB vulnerability is a timely reminder about database security

When you’re searching for the beating heart of most organisations, what you’re looking for is their database system. It’s no secret that businesses are driven by data. Proprietary data gives companies their value, while the ability to scour collected data about trends and customers lets them derive additional value. It’s therefore no surprise that database security is a hot topic.

Whether it’s to avoid losing a competitive edge to rivals or to comply with new data privacy laws, such as the EU’s GDPR framework, which hold organisations responsible for good data governance, database security should be an essential consideration for anyone remotely involved in this area. It’s something no organization should take for granted.

The Microsoft Azure Cosmos DB vulnerability

Data must be properly protected from a combination of insider and outsider threats — referring to both current and former employees who can access and misuse sensitive information as well as outside attackers who are looking to break in.

This protection of data must also take place against a background of cloud computing, in which data must be more accessible than ever. Driven by the remote working shifts that accompanied COVID-19, it’s now expected that employees should be able to access the information they need from wherever they happen to be at that moment. Thanks to cloud computing, all users need is an internet connection and a device for logging in on, and they can immediately access whatever they require.

Unfortunately, this ease of access has brought about new challenges — even when the biggest database providers are involved. For example, in late August Microsoft issued a warning to thousands of customers of its cloud computing service regarding a vulnerability in its Cosmos DB database. Launched in May 2017, Microsoft Azure Cosmos DB is the tech giant’s multi-model, globally distributed database service advertised as being capable of “managing data at planet-scale.” 

Even a company with the scale and resources of Microsoft can run into problems, however. The Cosmos DB vulnerability opened up the opportunity for potential attackers to read, alter, or delete databases by way of a visualization tool known as Jupyter Notebook.

Fixing the problem?

To its credit, Microsoft quickly swung into action to fix the vulnerability so as to protect its users. It also paid a sum of $40,000 to the cyber security researchers who discovered the flaw in question. It then emailed customers to say that there was no evidence that external parties had discovered and made use of the vulnerability, with the exception of the researchers who found the flaw and immediately alerted Microsoft to its existence. Nonetheless, it’s a timely reminder of the importance of cyber security as it relates to databases.

The Microsoft incident is particularly important to make note of at a time when more and more organizations have been switching from their own previous infrastructure and migrating to the cloud. Although this comes with no shortage of benefits, ranging from cost savings to flexibility to ease of access, customers also shouldn’t assume that they will face no security problems — even when they’re doing business with a trillion-dollar tech giant the size of Microsoft. 

Compounding these challenges is the fact that there is still a lack of transparency regarding critical vulnerabilities in cloud architecture. That means that large numbers of severe vulnerabilities may not be disclosed to users.

Good database security

It’s not enough to simply use database environments and sit back assuming that everything is being taken care of. Enterprises must carry out active monitoring of any and all database environments under their control. 

They need to be able to know exactly who is accessing data and what they are doing with whatever data they access. For this reason, visibility is essential for organizations so that they are able to stop unusual activity in its tracks, before it has the potential to become a major security incident. Fortunately, the tools are there to help users protect themselves. Comprehensive database security solutions will assist with everything from monitoring to compliance-oriented auditing. 

Every organization will have different requirements when it comes to database security. But just because there is no one-size-fits-all answer doesn’t mean that organizations should dodge the subject completely. Just the opposite, in fact. By bringing on board cyber security experts to help develop and maintain database security efforts, including monitoring user behavior at every privilege level, organizations can ensure that they are doing the very best they can for their users.

The potential damage that can be caused by a data breach is almost unfathomably terrible for organizations — not just from the immediate impact of criminals accessing sensitive data, but also from the subsequent fines they may face for not properly protecting that data. Making sure that you have trusted allies — and the right tools — for this battle should be a top priority. It’s an investment you’ll never regret making.