Thursday, October 19, 2017

Database Security



Databases often hold the major importance of an organization; Its’ transactions, customers, employee info, financial data for both the company and its customers, and much more are all included in databases, mostly controlled by the hands of a database administrator with no security training. 

Database security and integrity are essential aspects of an organization’s security posture.


What Is Database Security?


Database security, protects the confidentiality, integrity and availability of an organization’s databases.Database security should consist of the following

  1. Software – software is used to ensure that people can’t gain access to the database through viruses, hacking, or any similar process.
  2. Physical controls – an example of a physical component of database security could be the constant monitoring of the database by company personnel to allow them to identify any potential weaknesses and/or compromises.
  3. Administrative controls – this refers to things like the use of passwords, restricting the access of certain people to certain parts of the database, or blocking the access of some company personnel altogether.


functions of database security include

  • Blocking attacks from unauthorized users or hackers. 
  • Preventing malware infections and stopping viruses stealing data.
  • Ensuring that physical damage to the server doesn’t result in the loss of data.
  • Prevents data loss through corruption of files or programming errors.

Database Security Best Practices:

  • Protect against SQL injections by using parameterized queries to keep malicious queries out of your database.
  • Ensure your database administrators both understand the business value and importance of ensuring your databases are secured and extending them the resources to do so properly.
  • Static Code Analysis is an essential tool for organizations developing applications as portals to databases to slash SQL injection, buffer overflow, and mis-configuration issues.
  • Maintain CIA by keeping your databases up to date, removing any unknown components, and enforcing least privilege parameters to ensure the confidentiality, integrity and availability of your databases.
  • To maintain availability, employ an Uninterruptible Power Supply, or UPS, to ensure any forced shutdown doesn’t cause data loss.
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Test Images

Below images  are being used for the   Hashtag Generator and Content Authenticator research .

  • How to do phishing
    Have you ever received emails saying that you have won a grand prize or an email claiming it’s something useful, such as a coupon to ...
  • Firewall made simple
    The term firewall was initially taken from the concept of constructing walls to stop spreading of fire. This concept is used in network...