Who left the DB? Find out with Teleportation Database Access • Graham Cluley

Graham Cluley Security News is sponsored this week by the folks at Teleportation. Thanks to the great team for their support!

You are woken up at 3 a.m. to find your worst nightmare. The new intern just accidentally deleted the production database during routine maintenance. You quickly restore from a backup. During the retrospective you discover that during the integration access was provided to all databases, but with full permissions and very similar Postgres URLs, it quickly became apparent that it was was a basic error.

At Teleport, we help people solve these problems. First, we start by making it easy to connect the right resource securely, incorporating best practices for bastion hosts and securing endpoints, and making sure to never expose a database to the internet instead of go through the Teleport proxy. Next, Teleport Authenticate makes it easy for users to onboard and off, and Teleport Authorize ensures that users and machines can perform specific tasks. For example, let the intern only read the production database, but don’t let them down. Finally, Teleport Audit Log provides a stream of structured events that facilitate monitoring and early detection of problems.

All of this may seem expensive, but all of the above features are available in our free, open-source Community Edition. At Teleport, we believe the strongest security should be available to everyone, and if your business has specific compliance requirements or needs advanced workflows, Teleport can help with its Enterprise Edition.

Try teleportation

We have a few options to try teleportation. You can get started with one of our many getting started guides or try an interactive demo track for Teleport Server Access & Teleport Kubernetes Access.

If you would like to sponsor my site for a week and reach an informed public who cares about computer security, you can find more information here.