Dozens of major data breaches have occurred in the last fifteen years. Each one illustrates the massive cost – both in dollars and in reputation – of lax security. Consider:

Uber in 2016 – Hackers downloaded more than 25 million drivers’ and customers’ personal information; the cover-up and resulting claims alone cost $148 million.
Equifax in 2017 (more than once!) – Just one of the 2017 incidents cost Equifax 140 million American, British, and Canadian credit records, and a $575 million settlement to those affected.
MyFitnessPal (by Under Armor) in 2018 – Hackers breached 150 million user accounts, causing Under Armor stock value to fall by 4.6%.

There is so much at stake when it comes to customer – and company – data.

How do data breaches happen?

Technology provides a lot of leverage for a company, but also creates a multitude of opportunities for hackers. Brute force attacks and weak passwords are longstanding vulnerabilities. And the phrase “misconfigured database” seems to be cropping up more and more.

As we can’t turn this article into a security book, we will generalize: Data breaches happen both by accident, and on purpose.

On accident

Accidental breaches are (somewhat) understandable; hackers and security forces are in a war, and sometimes the defenses are…well, breached, even in the best of circumstances.

If (the entirely fictional company) TippyTap Associated has antivirus software, strong password requirements, sufficient security monitoring, a competent team, software patches up to date, and so on and on; then they’ve done everything they can. No organization is truly, 100% invincible. But the good people at TippyTap have done all they can to get there.

But many companies participate in data breaches on purpose, too. Let’s talk about how.

On purpose

Here’s a quick story:

XYZ, Inc. sees data breaches happening to the other guys. Last month, it was ABC Affiliated that got hit, and now half a million customer profiles are out there in the wild.

From a company’s point of view, security breaches are completely random. This can feel like being an unwilling participant in a really terrible lottery. “This month, it was just ABC’s time to ‘win’,” shrug the XYZ folks. In a regular IT meeting, upper management once again rejects the suggestion of downtime for patches, and budget for software upgrades. They shrug and say, “That kind of security is so much trouble and expense. Besides, we’ve never had an issue before! *”

This is a terrible attitude. It’s willful and deliberate ignorance. XYZ, Inc. is absolutely participating in the upcoming breach, by continually denying the time and budget items that would allow their staff to protect their interests.

Layering security

Real security takes a layered approach, and it always has. The two main layers to a secure environment are setup and maintenance.

Setting up security

Setting up company security tends to be the easier and more obvious layer. XYZ, Inc. probably had no problem setting up security – though like many companies, they didn’t follow a clear methodology through their entire environment. What’s more, the methods varied depending on the IT personnel in charge at the time.

Let’s have story time again:

ABC Affiliated is a much bigger company than XYZ, Inc. As ABC revamps its environment to beef up security, the sheer size of the effort is daunting. There are hundreds of SQL Server instances, which makes things very, very difficult. ABC turns to experts for help.

MinionWare helps ABC install Minion Enterprise, which is up and running within a morning. The security setup effort is suddenly more than manageable. ABC’s data team can now make massive changes to their hundreds of servers, from a single location, using a handful of commands.

The management team has a hard time believing this was all done so quickly, and goes about a series of spot checks to be sure.

The spot checks pass. Everyone cheers.

Maintaining security

Maintenance is the second layer of security. This is the hardest part to pull off, because every environment changes over time. More users, more databases, more software. And, change introduces vulnerability.

SQL Server won’t automatically alert you when changes occur, so someone must monitor and audit permissions, configuration, and security settings. These changes can happen from the inside and the outside – from deployments, mistakes, misguided efforts, and attacks.

Minion Enterprise helps security by:

Logging security settings at the instance level, database level, and Active Directory
Constantly monitoring security settings and alerting at critical changes
Monitoring and alerting on Active Directory group and sub-group membership changes
Monitoring SQL Server error logs. This is especially useful for alerting on unusual sysadmin activity, and high numbers of login failures.

In addition to these out of the box features, the centralized monitoring and management that M.E. provides allows for:

Alerting when SQL Agent jobs or database objects change. This is a common security loophole that hackers exploit.
Consolidating your security settings and streamlining your environment. This makes it much easier to adhere to your own processes and standards.
Regularly reviewing and removing unused AD accounts.
Easily setting up logins for contractors, and removing them from SQL Server on the day of your choosing.
Reporting (or alerting) on how up to date each SQL Server instance’s security patches are.
And an awful lot more.

You can see how Minion makes it easy to not only setup, but also monitor your security environment.

A million ways to protect your data

Your company’s data is valuable. You must protect it enough that a hacker can’t just walk in and take it. Hire good people, keep your software up to date and patched, and see how many ways Minion Enterprise can strengthen your IT security.

*”We’ve never had a disaster before,” is the direct, actual, yes-I’m-serious real-life quote from one client, long ago.

Prevent the next data breach