The primary threats to a database system are-
- Internal threat
- Intentional (sabotage), and
- Inadvertent (carelessness/accident)
- Phishing
- Social engineering
- External threats
- Password crackers
- SQL injections
- Malware
- Dumpster diving
- Physical and natural disasters
Mitigation techniques for data at rest (stored in the database, not in transit over the network) are having policies and procedures for-
- Encryption
- Access Control
- Secure server management
- Updates and patch management of the server OS and database
- Antivirus on the server
- Backup