Many organizations experience security vulnerabilities as there is no higher level system administrator overseeing the system administrator. Someone needs to ensure that the system administrator is following appropriate guidelines, applying the lastest patches, and testing the security of the database.
Database security is often broken down into four particular segments.
1.) Server Security
Database servers are the most important servers your company owns. They store client details, financial information, human resource details - all the data that keeps your company in business and, as such, they need to be secure. Server security limits actual access to the database server.
2.) Trusted IP addresses
Servers should be configured to only allow trusted IP addresses. You should know who is communicating with your database server.
3.) Database Connections
Be cautious of allowing users to to make updates to the database via a webpage. Make sure each user is authenticated and remove SQL code from user input.
4.) Restricting Database Access
One should prevent open access from the Internet and each database system should have it's own set of unique features.
No comments:
Post a Comment