Continue in 2 seconds

The Weakest Link, Part 3

Published
  • April 01 2003, 1:00am EST

This column is the concluding installment of a three-part series on security vulnerabilities of the data warehouse environment. This installment examines measures that can be utilized to help minimize or remove security vulnerabilities in front-end business intelligence applications. In earlier installments, we saw that securing the data warehouse environment is more than just administering users and access privileges. There are a number of actions that can be implemented with varying levels of effort to mitigate security exposures of your data warehouse site.

To begin, remove or at least turn off features and functionality of the site that are not being used. This will reduce the number of access points that an attacker can take advantage of and manipulate. The more access points, the more opportunities for exploitation. This includes any sample code provided by an application vendor, debug functionality used by developers and administrative functionality that is not going to be used.

Place controls on who has access to the various infrastructure components. Minimum access should be given to meet the business needs of each user's role. For example, only a limited number of database administrators (DBAs) should have full access to the entire warehouse. Even then, access logging should be in place to capture what actions were performed by which DBA at which date and time for auditing purposes.

Assess the security of data and communications flow between the application and the infrastructure plus the application components. Data coming into a site may be secured under a secure socket layer (SSL) and then sent in clear text or simply encoded between application components. Make sure the authentication services use encryption when accessing entitlements stores (e.g., LDAP).

Monitor the usage of the business intelligence site for variation in patterns. Unusual usage patterns may be an indication of an attack and worth investigating.

Review how the business intelligence application stores data extracted from the data warehouse environment. Ideally, data should not exist in a persistent form on disk anywhere in the environment except in a properly secured database or data store. If persistent warehousing data must be present on disk, it should utilize additional security defenses such as network segmentation (e.g., firewalls) or encryption to limit any exposure threat.

If the site utilizes a single sign-on (SSO) application for controlling access and authentication between application components, determine if it has a cross-site scripting option to further deter this particular type of vulnerability.

Develop and use a software development security standard for all internally and externally developed application code. If you do not already have a security standard, go to The Open Web Application Security Project (OWASP) at http//:www.owasp.org/. This site provides white papers and guides on best practices for building secure applications.

Correct any information leaks found in applications that provide application, security or infrastructure information. Error and security messages from applications and databases often provide useful information on servers, networks, directory paths, filenames, programs and scripts, tables and other infrastructure items. This information by itself may seem relatively benign, but when combined with other techniques can lead to exploits.

Insure that business intelligence applications and portals manage the security of sessions (typically cookies) when a user logs out. A user's cookie or other session credentials should be invalidated to avoid session hijacking (e.g., kiosks).

Monitor vendor and security Web sites and user groups for security alerts. This includes all components of the infrastructure, not just the front-end business intelligence applications. Some of the many security alert sites include Bugtraq (http://online.securityfocus.com/) and Full Disclosure ( http://lists.netsys.com/full-disclosure-charter.html).

The mitigation methods described so far are all application-specific, and it is important to guard against them. However, security does not stop there. Even though an application may be secure, if it is running on a Web or application server that has not been hardened, then the risk is still high that attacks against it will succeed. Make sure you follow your application vendors' instructions on how to secure your server software. If the vendor does not provide this information in the documentation, be sure to check their Web site or contact their technical support team.

Another option is to engage a third-party digital security consulting firm to conduct a security audit of your data warehouse environment. The assessments can be in the form of an application-penetration test to a vulnerability assessment of the front-end applications. The vulnerability assessment focuses on the risk posed by transaction-based exposures to the front-end data warehouse applications (e.g., cross-site scripting, information leakage, input manipulation). The application penetration test assesses the data warehouse site's ability to resist attacks from both valid and anonymous users. This is accomplished by testing the site's ability to prevent data manipulation, privilege promotion and authentication bypass.

Finally, once a through understanding of the security vulnerabilities of the data warehouse environment is achieved, a reality check needs to occur. You cannot ensure 100 percent security of your data warehouse site unless you have unlimited funds and time. The complexities and interdependencies of today's information technology environments, software and infrastructure make the testing of every possible permutation virtually impossible. Imagine performing code reviews of your third-party business intelligence applications looking for security vulnerabilities. Choices can be made either to resolve the exposure immediately, defer fixing, have the vendor remediate the exposure or manage the risk. Business and security need to work together to assess the real level of risk, probability of business disruption, business liability and cost of remediation before proceeding down any path.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access