B. Create a Database Security Plan\' using MS Word (save as a pdf) Include the f
ID: 3705490 • Letter: B
Question
B. Create a Database Security Plan' using MS Word (save as a pdf) Include the following: 1. Document title of DATABASE SECURITY PLAN with a text style of Title applied (or one of your choosing). 2. A list of each databaes with its associated password (if any) in a MS Word table. 3. A print screen of the MS Windows Explorer (My Computer) showing the 2 created folders (My-Distributed-Databases and My-Trusterd-Location) 4. List 5 ways you will security your database system 5. Insert a footer displaying your full name at the left margin and date/time at the right margin. Hint: Use keyboard keys alt and prt scrn' to make a copy of the ACTIVE window on your computer's screen and then paste it into your MS Word document.Explanation / Answer
DATABASE Security Plan
4. 5 ways of security to the DatabaseSystem:
5A.Encrypt your database:
Just as important as the passwords is the encryption of your database.
Encryption means converting your data to a format such that, were it to be intercepted, would seem like a string of letters and numbers with no tangible meaning.
But to the database program, it all easily converts to the data you want. But it ties back into passwords.
A Yahoo! hack in 2012 exposed more than 400,000 passwords in plain text to the web at large.
This meant open access to emails and passwords, and the need for a whole lot of users who put their faith in Yahoo! to change their passwords.
Here, too, you don’t want to be the company at the other end of that controversy. Make sure that your database is encrypted with up-to-date encryption software.
5B.Segment your database :
A wide open database is a wide open vulnerability.
You’ll want to segment your data to make sure that not just anyone sees everything.
In many systems, various roles can be created within the database.
For instance, you might want to have users, super users, administrators, and super administrators.
Users can access or input basic information, but not alter information beyond what they’ve put in, whereas a superuser has computer permissions that allow wider access to data without being able to change everything.
An administrator can work above all of these users, altering the structure of the database or having access to more sensitive information, while a super administrator can run the whole operation. For the upper tiers, you’ll want to keep the number of people with those clearances low, such as managers or department heads.
This ensure that, should a password be exposed on the site, it’s not devastating if it’s only someone with access to basic information on the site.
5C.Don’t show people the backdoor :
A simple way to protect your database? Leave it out of sight.
This means keeping it hidden from search engine results through the robots.txt file, and also not linking to it directly.
While you want employees to have access to database information, you may not want to put the log-in directly on the site.
If you have an online database, do yourself a favor and keep it on a need-to-know basis. After all, the first step toward hacking a database is finding it in the first place.
5D.Have secure passwords :
The most sophisticated systems on Earth can’t protect against a bad password.
There are the typical culprits — 12345, ABCDE, anything else on the most guessed password list — but hackers have increasingly sophisticated tools at their disposal that makes many other passwords increasingly vulnerable.
Now, it’s not just making your password “password” that you have to worry about.
It can be words in-and-of themselves. Programs exist that guess passwords that might be words in the dictionary or commonly used phrases, so those are out.
You can try to make a combination of letters, numbers and symbols to throw off would-be hackers.
You can check your password here to see how long it would take hackers to guess it.
Business Bee has also rated some password management tools that may be able to help you.
One other suggestion is to set rules that make employees change passwords on a revolving basis.
If a password isn’t changed after 90 days, lock out that account pending administrator approval to make sure that an old password isn’t a hacker’s way in.
5E.Monitor and audit your database
One way to prevent database breaches is to keep an eye on the database itself.
Monitoring access and behaviors of database users can help you ensure that no odd behaviors are exhibited that might imply a leak.
Checking unfamiliar IP addresses can ensure that no one has an employee password who shouldn’t.
Think of it like when you get a call from the bank asking you to confirm a transaction.
Your address is in New York, but your card is being used in Calgary. It’s a red flag to bank security, and the same thing should be a red flag to your business.
In addition, regular audits of your database help find inactive accounts, helping eliminate problems that might arise with someone obtaining old employee information.
Perform regular audits, and your company can tighten up security before problems arise.
Related Questions
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.