In the previous chapter, we saw how we can incorporate access management in an application to secure it from unauthorized access, which is essentially the application level security. However, what if we don't have our database secured? Well, in that case, data can be misused by unauthorized users or even authorized users, such as database administrators, which leads to business loss or sometimes legal actions.

Data security is always a major concern, especially when it is hosted on Cloud Server. We have to protect our data against the compromises of integrity, availability, and confidentiality. It doesn't matter whether you are using RDBMS, such as MySQL or MSSQL, or NoSQL, such as MongoDB or Firebase Realtime Database; all these databases have to be secured by restricting access to the data. In this chapter, we will briefly look at the common database security risks and the checklist to prevent such threats. We will also see the security part of Firebase Realtime Database and the Firebase Realtime Database Rules language.

Here's a list of the topics we will discuss in this chapter:

• Overview of common Database Security Risks and Preventive measures
• Overview of Firebase Security
• Overview of Firebase Realtime Database Rules
• Structure and Definition of Firebase Realtime Database Rules 
• Introduction to Data Indexing
• Database Backups and Restore

Let's start with Security Risks and Prevention of the threats.