It’s not an exaggeration to say that databases are the lifeblood of data-driven companies. Your company likely couldn’t run without them, and yet their importance makes them a constant liability. There’s a reason why so many compliance regulations (ranging from the ISO 27001 to SOC 2 to industry-specific ones like HIPAA) touch on keeping databases safe from abuse.
This is where zero trust security controls come into play. You can’t automatically grant anyone access to your databases; everyone has to be checked on each access attempt. Yet most “zero trust” strategies require placing trust in something outside your control, putting databases at risk. Here’s why zero trust database access is not as straightforward as you might think and what to do to achieve safety and accountability.
For Many, Zero Trust Database Access Still Means Trusting Native Identity and Access Management Tools
Organizations commonly enact zero trust user authentication through identity providers or built-in identity and access management (IAM) tools, such as Okta or a cloud provider’s IAM solution. This is “zero trust” in the sense that you are not trusting your users. However, you are trusting the native authority itself to store the necessary authentication credentials. In this situation, native IAM controls serve as a “root of trust” that must be trusted for the system to work. Unfortunately, if a breach takes place (as has happened to Okta multiple times), your trust in a third-party provider now leaves you vulnerable to infiltration.
Even if your native IAM tool isn’t compromised, access control in database security can still be undermined by authorized users who exploit the database permissions they’ve received. If credentials are broader or longer-lasting than necessary, users can access more databases than they should (a liability known as lateral movement) or for longer than they need to.
Compounding the issue is the fact that maintaining and auditing database access is historically costly, laborious, and slow, thanks to the requirement of many integrations, proxies and jumphosts. This does more than simply complicate your identity and access management strategy — it can actively hinder auditing and crisis resolution. If someone is engaging in suspicious activity on your network, investigating the relevant sequence of events may be a slow process at precisely the time you need quick answers.
Improving Access Control in Database Security by Removing Trust
If trusting native IAM controls can jeopardize databases, it stands to reason that removing that trust would improve security. And the way to do that is by requiring two independent third parties to authorize users, a technique known as Multi-root Zero-trust Authentication Protocol (MrZAP), which is at the core of BastionZero’s technology. In this model, a security provider separate from your native IAM service also checks to verify user identity. The user is only granted database access if both parties authenticate the user, adding an extra level of security to your infrastructure and access management strategy.
With two roots of trust, you will still have a line of defense even if one of them is compromised. Save for the highly unlikely event of the second provider being hacked at the exact same time, an attack on your native IAM service will not allow fraudulent users to gain database access.
For optimal security, you need a granular method of giving authorized users access to specific targets. This means improving the specificity of the permissions you grant and ensuring those permissions are only as long-lived as they need to be via policy. With BastionZero’s policy service, you can grant precise just-in-time database access, so users will only be able to access their intended targets for the exact amount of time needed — and you can revoke it instantly if required.
Streamline Complexity and Reduce Risk with BastionZero
The complexity of access management is a way of life at many companies, but that doesn’t mean it’s acceptable. Such a tangle of convoluted systems demands large amounts of time and effort to maintain proper access control in database security. All it takes is a single breach for the inefficiencies in this kind of setup to become obvious, but of course, it’s better to eliminate the reliance on a single root of trust before it becomes an issue in the first place.
Moving from conventional zero trust database access to true zero trust access can only happen with multiple roots of trust. And modernizing database access by taking advantage of the MrZAP protocol can have a cascade of other benefits. Improved auditing allows for security incidents to be resolved faster, while bringing companies closer to compliance with key data handling regulations. And streamlining the database access process frees up your staff and your budget to solve more engaging challenges.
See BastionZero in Action
BastionZero connects teams to resources and requires no additional infrastructure to deploy or manage. It is the first—and only—cloud-native solution for trustless access providing multi-root authentication while maintaining zero entitlements to your systems.
With BastionZero, you can reclaim your architecture from over-privileged third parties and ensure that the right people have access to the right resources at just the right time—every time.
Schedule a demo now to see how you can trust less and access more with BastionZero.
