Database Security

Design, construction and maintenance are all important parts of implementing a solid database, and adding security is key to enhancing its function. Database security is implemented through various policies, standards, and procedures and is broken into three parts: physical, user, and network.

Physical security concerns the “location” of the database. As discussed in class, databases should be kept in a central location. Most databases are, and should be, stored in a dedicated locked room to which only IT and DBA employees have physical access. The walls of the room should be solid and rise completely up to the next level so that ceiling access is eliminated.

User security is tailored to what each user needs from the database. For example, a floor manager would not need to see the SSN of his employees, whereas a human resources manager would. In this case the floor manager would have limited access to items within the database.
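The floor manager and human resources manager case above can be expressed as column-level privileges. This is an added example, not part of the original essay; it assumes PostgreSQL, and the table, column and role names are constructed for illustration.

```sql
-- Constructed schema for illustration (PostgreSQL syntax).
CREATE TABLE employees (
    employee_id  integer PRIMARY KEY,
    full_name    text NOT NULL,
    department   text NOT NULL,
    shift        text,
    ssn          char(11) NOT NULL
);

-- Hypothetical group roles. Individual logins are made members of one of
-- these roles instead of being granted table privileges directly.
CREATE ROLE floor_manager NOLOGIN;
CREATE ROLE hr_manager NOLOGIN;

-- Start from no access so that every privilege below is an explicit decision.
REVOKE ALL ON employees FROM PUBLIC;

-- Human resources needs the full record, including the SSN.
GRANT SELECT, INSERT, UPDATE ON employees TO hr_manager;

-- Floor managers get SELECT only on the columns they need; ssn is omitted.
GRANT SELECT (employee_id, full_name, department, shift)
    ON employees TO floor_manager;

-- Audit the effective privilege each role holds on the ssn column.
SELECT has_column_privilege('floor_manager', 'employees', 'ssn', 'SELECT')
           AS floor_manager_can_read_ssn,
       has_column_privilege('hr_manager', 'employees', 'ssn', 'SELECT')
           AS hr_manager_can_read_ssn;
```

With these grants a floor manager's query must name the permitted columns; a query that selects ssn, including SELECT *, is rejected with a permission error.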

Network security should be handled both internally and externally (firewalls). Usernames and passwords should be given to all employees. The more important files, if not all files, should be encrypted. All databases should have some sort of detection system to monitor for suspicious activity.