Tuesday, September 3, 2019

Essay --

Database Security: Database security is a critical Domain of Computer and Information Security that deals with protection of an individual database or group of database from illegal access, injections or possible destruction. Data can be a customer's information, intellectual property, financial asset or any number of other records that can be maintained and managed on a system. Without Database security people are at risk of identity fraud, theft, destruction of property and much worse. The global costs of such security breaches runs from over a billions of dollars yearly, and the cost to individual companies can be extreme, sometimes disastrous. One of the most popular method for protection of database includes storing a backup in a secondary location or datacenter. The Advantage of storing backup in secondary location is the process of restoration and damage prevention in case of data destruction or disaster at Primary source . A firm’s database infrastructure often contains the most important data and are subjected to a wide range of attacks. Some of the threats to database security are excessive and unused privileges, SQL Injection, DoS etc. Excessive and Unused privileges is when someone in the firm is granted database privileges that exceeds the requirement of their job function, these privileges may sometime be abused. A good example for Excess and Unused Privilege can be a University System Administrator who’s primary function is to maintain student information, but due to excessive privileges could potentially have access to modification of Student’s grades. Another example could be of an employee with access to human resources database access, leaving the organization i... ... The use of portable devices are causing most of the organizations to deal with higher risk from hackers gaining access to sensitive data. Database are mainly targeted by attackers since it contains high volume of important and potentially critical data. The best way to overcome these risk are through storing important information as backups and securing data transmission over public network. Organization should set up firewalls between company’s intranet and internet in order to block any external device access into the network . With all being said organization should continuously educate their employees about the risks and keep a track and secure the portable devices used by IT personnel. If such security measures are implemented by an organization they can ensure that critical and important information could be less susceptible to vulnerabilities.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.