Ten or more years ago, most databases were on-premises only. There was no exposure outside of the perimeter, and the only people who had access in an average company were a few database administrators. Then enterprises and internal development teams began connecting them to a few applications, hardcoding the credentials into the software for convenience. But that handful kept growing. And now no-code and low-code (LCNC) is essentially backing up the truck loaded with applications that have database access — and we're not always sure about the qualifications of the driver.
LCNC frameworks are speeding application development and enabling even nontechnical users to quickly create software to suit their business needs. LCNC platforms have the potential to slash costs, reduce time-to-market, and disrupt industries. However, they could also be unwittingly laying the groundwork for future data disasters.
The first concern is a lack of visibility. There's often no knowledge about code quality, its vulnerabilities, or how well the LCNC platform has been tested. The non-IT pros who develop these applications aren't trained to maintain them, often create misconfigurations, and don't know the best practices on how to keep them from opening up security vulnerabilities, such as data exfiltration.
Why Zero Trust Alone Isn't Enough
Increasingly, organizations are turning to the zero-trust model to mitigate security risk. With zero trust, the goal is to enforce least privilege to users and applications. This calls for all users and applications to be authenticated, authorized, and continuously validated before being granted access to data.
Many enterprises rely on privileged access management tools, which are important to helping achieve zero trust across much of the IT infrastructure. But these tools are blind to the context of the database. They are not equipped to grant privileges based on who or what is accessing the data, what they are accessing, and for what purpose. Because these controls only provide all-or-nothing access, LCNC applications could end up exposing sensitive data.
The most underdiscussed security issue around LCNC may be that even the apps IT has sanctioned often don't maintain a record of data lineage. There's often no knowledge of when these apps accessed databases, how much data was accessed, and what happened to that data. But every time an application accesses data, it needs to read and write data somewhere — even if it's temporary. And it often isn't, and the data pulled from a database for an app's use ends up living somewhere else too.
Restoring Visibility to Reduce Risk
These days, rather than on-premises, data could reside in a database, data warehouse, or data pipeline. But without a framework to apply controls, there's no history or record — data is essentially in the enterprise wild.
This lack of data lineage records partially explains why it can take so long for organizations to notify affected parties after a data breach. It can take weeks, even months, to assess the impact of data exfiltration because today most organizations cannot tell you exactly which of their people and applications have access to their databases. Even fewer can point at which data within the databases those applications can access. It's becoming clear that unless organizations worldwide put a new level of data security governance in place, the LCNC paradigm will only accelerate the trend of data exfiltration.
However, security teams can have both LCNC and database security by following a few design principles:
- Create a governance model that works across databases, data lakes, and data services.
- Enforce least privilege.
- Provide real-time visibility into which applications are accessing which data for what reason.
By making sure every application is authenticated and authorized before it is provided fine-grained access, and by keeping a record of data lineage for future auditing, enterprises can reduce the risk of LCNC frameworks.
In the end, today's enterprises don't need to shrink away from using LCNC technologies, but they do need to put data security governance controls in place. As each new app potentially gives rise to new vulnerabilities, rather than investing only in security tools that protect the perimeter or the vector, every company — whether a startup or a global enterprise — should invest in protecting the key source of value for the business operations: the data layer.