Database Security Essentials - Part 1
In the modern age, there are very few businesses that can get by without an efficient database that can be easily accessed, and the tools that allow for effective data analysis. Moreover, a company's database contains reams of extremely sensitive information that if compromised or lost, could be detrimental for the future of the business and potentially damaging for any clients whose details are on the database.
There have been a number of high profile cases of databases being breached in recent years. In the United States the credit card details of millions of people were hacked by identity fraudsters when they compromised the systems of a number of banks.
In the United Kingdom late last year, a government agency managed to lose two disks containing sensitive details of about half of the adult population. Not surprisingly, some of these individuals have already been victims of identity fraud.
So, while investing time and money in the best data analysis tools and techniques is an excellent way to move your business forward, it could all be for nothing if your database is breached or corrupted and the reputation of your organization is ruined.
Database security is a pretty specialized field and, given its importance, it is a big business. Databases can be compromised in many ways, whether it is through access by unauthorized persons, malicious attacks or even simple errors by authorized database users.
Since databases are generally stored on computers, servers and/or networks they can be protected from outside access by firewalls and router level like any normal network or computer. However, networks are becoming more and more open so protection of the database itself is becoming increasingly important. There are a number of ways in which databases are protected.
Access control
This one is fairly self explanatory and is extremely important. When any database is set up it will have different levels of access for different users. Most likely, the database professionals responsible for its implementation and maintenance will have full access.
Access control is all about privileges. Some users, like the database professionals, will have full control over the database, while others will have varying degrees of control. In general, a user will only be given the necessary privileges to allow him to do his job. These privileges will be set by the database administrator and will be recognized when the user logs in with a username and password. This also helps prevent users who are not familiar with databases from accidentally deleting data or causing similar damage. Access control is seen as a very effective layer of database security as it is implemented at database level and cannot be by-passed.
However, it is not the only means of protecting databases. In the second part of this article we will look at auditing, encryption and authentication.
Written by: David C Skul - CEOBack to Articles | Next Article | Relativity | Watch the Video
Sign Up for Our Newsletter
Do you want more? Do you want to be notified of new blog postings and other exciting developments weekly? Do you want the competitive edge over your marketplace?
Sign Up for Our Newsletter and get Free Gifts when you Sign Up and Confirm Your Subscription:
- Monthly Updates and Informative Articles and Videos from our team of experts.
- White Papers and Free Training Offers
- Special Discounts and Incentives on our Services and Products
- Special Discounts and Incentives from our Channel Partners
- Monthly Prizes and Incentives for Blog Postings
- Much, Much More
Have questions or suggestions?
Contact Us By Email:
Terms Of Service | Guarantees | Privacy Policy
©2008 Relativity | www.relativitycorp.com is a division of Relativity, Inc, a Colorado, USA Corporation. All rights reserved.