I have an enterprise application running that uses both MySQL and Mongodb datast

Question

I have an enterprise application running that uses both MySQL and Mongodb datastores. My development team all have ssh access to the machine in order to perform application releases, maintenance etc. I recently raised a risk in the business when users started storing highly sensitive data on the application that the developers have indirect access to this data which caused a bit of a storm and have now been mandated with securing the data so that it is not accessible. To me this does not seem possible because if the application has access to the database then a developer with access to the machine and application source will always be able to access the data. I am sure I am not the only one who has this issue. Please advise me on how this is being done in other corporates.

Explanation / Answer

The standard way of handling this is through segregation of duties.

Basically, it means that you have a team that handles deployment that is completely separate from the team that handles deployment in production and that you have a separate team that perform auditing.

Also, proper encryption of the database and key handling will help limit access to sensitive data: people who have access to the database servers (DBAs) usually are not granted access to the decryption keys while people having access to these decryption keys (typically the security team although it could also be the system administrators) are not granted access to the databases.

The devs, who usually needs to have access to both set of data for development and testing, are never granted access to production, only dev and pre-production systems.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.