During the last five years, the identities of hundreds of thousands of consumers

Question

During the last five years, the identities of hundreds of thousands of consumers were stolen by criminals who were able to access their records in the databases large companies. Thousands of students at some large universities were also were also victimized by identity thieves when succeeded in hacking the student databases at these institutions. If you were the Database Administrator at University , what steps would you take to minimize the possibility of students’ personal information being stolen from University databases?

Explanation / Answer

Database of any organization/University contains very vital information and any breach or access to those records by criminals is a serious matter of concern . Infact , organization of any size are not totally isolated from database intruders or criminials but yes with good database security, this can be avaoided to a very large extend.

Strong security policies are also required to dealt with, if anyone found guilty .

Some of the best practices to minimize the information stolen from University Databases are :

1. Assess Current security level of Database to have some baseline to start with and keep re-evaluating on regualar basis to check where the database secuirty stands , to keep improving .

2. Vulnerabilities - Any bugs on OS level or any other software installed,which helps criminals to breach security needs to be addressed. For that make sure all the fixpacks , security patches are applied to servers and other systems connected on network

3. Should not have Poor Architecture and security needs to be on top while deciding how application works .

4. Security should not be compromised to configure and access database . Thus avoid misconfiguration

5. More than the required priviledges are dangerous. Only the required permissions with proper approval and refrain from providing Excessive and Unwanted Priviledges

6. System Access should not be enough to access database and Database authentication is must to access Database like in MS-SQL , Select option as Windows and Database authentication

7. Set policy to have mandatory password change on regular basis ( Some big organization force to change every 90 days )

8. Keep looking into the log files to find any intrusions .

9. Regular auditing of system and fix issues as they arise .

10 Databases and it security needs to be handled by the experts and it's advisable to NOT have make shift arrangement.

11. As organization/university grows , more users are accessing the database which increases the possibility that some intruder get an access , thus Keep monitoring the users activity , how they are accessing , what they are doing and so on will help to safe guard the data in database .

12. Account of users ,who left the university should be deactivated immediately

Related Questions

Navigate

• Browse (All)
• Browse D
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.