My provider is taking care of my database security. The cloud affords many advantages, including not having to set up servers, maintain them. This is good, security must also be handled by the cloud provider. Especially if this is a public cloud database.
If your database is on a server and is being accessed by a web application there may be many vectors for attacks. The security architecture and implementation of it are each important.
Is your firewall configured correctly? has the cloud provider set up everything correctly? Are they updating patches as they should?
Are you aware of Cross Site Scripting(XSS) attacks that take advantage of scripting holes in your website?
Also SQL injection attacks can access your database from seemingly ordinary input fields – even username and passwords.
If you have a website and a database it can be compromised in many ways.
There is a good reason to have an independent third party look at your network and database.
No preconceived notions, just look at the network and review the defenses, the layout, and website.
Obtain the documentation of a scan, a penetration test for your records, so you can see with your own eyes how the hacker sees your computing resources that you own or lease.
PCI compliance or other compliance regulations (HIPAA) require periodic testing regimens.
About us – a Fixvirus.com owned site