What is Database Security?
Protecting your data from unauthorized access, corruption, and loss.
The 5 Security Rules
1. Principle of Least Privilege
Give users only the permissions they need. Nothing more.
-- Sales team only needs to read
GRANT SELECT ON customers TO sales_team;
-- NOT this (too much access)
GRANT ALL ON customers TO sales_team;2. Strong Passwords
- Minimum 12 characters
- Mix of letters, numbers, symbols
- Never reuse passwords
3. Never Store Plain Text Passwords
-- WRONG: Plain text
INSERT INTO users VALUES ('john', 'password123');
-- RIGHT: Store hashed password
INSERT INTO users VALUES ('john', '$2b$10$xyz...');Always hash passwords before storing.
4. Use Transactions for Critical Operations
BEGIN;
UPDATE accounts SET balance = balance - 100 WHERE id = 1;
UPDATE accounts SET balance = balance + 100 WHERE id = 2;
COMMIT;Prevents partial updates that corrupt data.
5. Regular Backups
- Daily backups minimum
- Test restoring backups
- Store backups in different location
SQL Injection Prevention
Never put user input directly in queries.
-- DANGEROUS: Direct input
SELECT * FROM users WHERE name = 'user_input';
-- SAFE: Use parameterized queries
SELECT * FROM users WHERE name = $1;Summary
- Least Privilege: Minimum necessary permissions
- Strong Passwords: Complex and unique
- Hash Passwords: Never store plain text
- Transactions: Protect critical operations
- Backups: Always have a recovery plan
- Parameterized Queries: Prevent SQL injection