Our security experts, database administrators, network team and infrastructure team are all saying it's OK to have the database server located in the DMZ along with the HTTP server and middle-ware server.
Their reason:
If the database server is compromised (because of an insecure middle tier), at least the database server is outside the internal system. If it is inside our network, the hacker can then use the database server to access other systems.
What they are saying is:
- Let's not put the middle-ware server behind a second firewall and the database server behind a third firewall.
- Let's use just one firewall (the HTTP server's) in case a hacker wants to get our database's sensitive data, at least that's all they can get.
The second statement was actually said... verbatim.
Please note that this database server will hold sensitive information, including bank details.
Now, are these experts making any sense to you? I'm a software developer, and I can't get their logic. It's like, "Put the jewelry box outside the house so that robbers won't bother getting in for the TV?"
Aucun commentaire:
Enregistrer un commentaire