Fill This Form To Receive Instant Help
Fill This Form To Receive Instant Help
Homework answers / question archive / considering the importance of data in organization, it is absolutely essential to secure the data present in the database
considering the importance of data in organization, it is absolutely essential to secure the data present in the database. What are the strategic and technical security measures for good database security? Be sure to discuss at least one security model to properly develop databases for organizational security. Create a diagram of a security model for your research paper.
Your paper should meet the following requirements:
Answer:
Abstract: This paper mainly focuses on importance of data in an organization and Security measures that should be taken in an organization to protect data from hacking and data loss. It emphasizes on security issues that are associated with database. With increase in number of ways of attacking the system, the risk of data breaching is becoming high. This paper will also tell about the issues in database security and a security model to properly develop databases for organization security.
Introduction:
Database in an organization are desined with an aim of storing a lot of information. All the information including the client personal details, employees personal details and project related information is stored in database of the organization. Whenever any data is required of the previous activity or event it is taken from the database. Database contains all records in a tabular format. It is mainly used to store backup.
A. Threats to Data and Database:
1. Excessive Privilege Threat: A person whi has the right for a task but also gets right for a task that he is not aimed to do, in that case he gets extra (excessive) rights which he can misuse anytime.
2. Database Injection Attacks: There are two types of database injection attacks i.e., SQL injection and NOSQL injection. Sql injection targets the traditional databae system and Nosql injection targets the big data platforms.
3. Exposure of Storage Media: The backup media that mainly contains pictures and other voice notes. This data is mainly hacked and breached.
4. Legitimate Privileges: Using the legitimate datbase access confidential information can be hacked.
B. Security Measures for database security:
1. Usage of Web Applications and Database Firewall: There should be a firewall used that by default stops the data or information coming from any server which is not authorised. The traffic that should be allowed to pass should be from specific web servers. Additionally, a web application firewall should also be used as it will protect data from deletion in case of SQL injection attacks.
2. Always ensure Physical Database Security: It means to keep your server in a secure environment with access controls such as to keep unauthorized people outside.
3. Latest version of Database Software: It is important to use the latest version of database software with all the security patches pre-installed and running appropraitely.
Also uninstall or disable the features that are of no use.
4. Encrypt your Data: It is important that backup data should also be encrypted using encryption methods. The decryption keys should be stored seperately.
Confidential data should be strictly encrypted using standard encryption techniques.
5. Managing Database Access Tightly: There should be very less number of people who manage the database. Also there should be a specific time, in which they can have access to it. Limited access should be given to them to access the database. Strong passwords should be kept. After 2-3 incorrect password trials, the database should be locked.
6. Eye on Database Activity: It should be noted everytime that at which time database is used. Also by whom and for what purpose. Database activity monitoring software can allow you to monitor your database effectively.
C. Security Model to develop databases for Organization:
This is the security data model.
1. Client Browser sends a request to the Web Server.
2. Firewall checks for authorization of trusted user.
3. If the user is trusted it is passed to the next level.
4. Encryption Standards are applied at Database Management System.
5. Authorised users having the decryption key are allowed to pass.
6. Users are allowed to access the database.
7. Keeps track of login and logout users.
Thus this is the data security model.
Conclusion:
Data in organization is the most valuable property and should be kept safe because it has the company's confidential data. There are various types of security attacks and threats that the system can get into. For recovery and management various measures are taken and followed.
please use this google drive link to download the answer file.
https://drive.google.com/file/d/1rxDjuYcGGKs9wpkG6j8x4vxIeJpI2mbA/view?usp=sharing
note: if you have any trouble in viewing/downloading the answer from the given link, please use this below guide to understand the whole process.
https://helpinhomework.org/blog/how-to-obtain-answer-through-google-drive-link
