Database as a Service (DBaaS) offers a self-service model for provisioning databases, without the cost of setting up servers and burdening IT teams. However, DBaaS also offers cyber criminals easier access to your data, from both inside and outside the service. Apart from offering criminals a cheap and safe playground, DBaaS itself introduces new security issues. When an organization's internal data is stored in the cloud, an attacker no longer needs to gain access to the organization's network before compromising high-value data. This presentation will:
- Show how attackers are exploiting cloud database services in their operations
- Discuss key implications to internal databases
- Identify the hidden risks of DBaaS
- Re-asses the severity of database vulnerabilities in a hosted environment