Physical access to a typical server is virtually the same as giving someone the administrator password. Once someone has physical access, the person can install a network monitor to sniff and steal all the passwords (at least all the unencrypted passwords). If server downtime isn't a concern, the intruder can also reboot the machine and, in most cases, use special commands that can only be input directly on the physical machine in order to get the administrator password and from there get access to all data and accounts on the machine.
Fortunately, most servers are well protected inside data centers with security monitoring at the doors, video cameras, and fancy key-card systems. But what about your backups? What about the copy of the site that you gave to a consulting firm so the consultants can work on the new version of the site in their environment? The lesson here is that you must protect your data virtually (with code and configuration) and physically and, further, that you must do so not only on your server but every time you make a copy of the data. For your routine backups a good solution is to encrypt the database file prior to moving it to the backup medium. But what should you do if you need to share a copy of the database with someone who needs to work on it, but you want to protect the privacy of your users?
Was this article helpful?