A database application is only as secure as the server it is running on. Hence, it’s important to start considering security settings at the level of the physical server or servers on which your databases will be hosted. In short, simple configurations, you might want to secure only a single machine. Larger companies will likely have to make accommodations for many servers.
These servers may be geographically spread and even arranged in complex clustered configurations. One of the primary steps you should consider in order to secure a server is to decide which users and apps should have access to it. Modern database platforms are generally accessible over a network, and most database administration jobs can be performed remotely.
Therefore, other than for purposes of physically maintaining database hardware, there’s little requirement for anyone to have direct physical access to a database. It’s also very necessary to physically secure databases in order to restrict unauthorized users from accessing database files and data backups. If an unauthorized user can get physical access to your servers, it’s much more hard to secure against further breaches.
