Database Security

Database security is the protection of the data against accidental or intentional loss, destruction or misuse. The data in a database need to be protected from abuse-these should be protected from unauthorized access and update.

Threats to Data Security:

Threats to data security may be direct threats to the database. For examples; those who gain unauthorized access to a database may then browse change or even steal the data to which they have gained access.

The following threats must be addressed in a comprehensive data security plan:

a. Accidental losses, including human error, software and hardware caused breaches: Establishing opening procedures such as user authorization, uniform software installation procedures, and hardware maintenance schedules are examples of actions that may be taken to address threats from accidental losses.

b. Theft and Fraud: These activities are going to be perpetrated by people, quite possible through electronic means. Attention here should focus on each possible location. For examples; control of physical security, so that unauthorized personnel are not able to gain access to machine room, should be established.

c. Loss of Privacy & confidentiality: Loss of privacy is usually taken to mean loss of protection of data about individuals, while loss of confidentiality is usually take to mean loss of protection of critical organizational data, which may have strategic value to the organization.

d. Loss of Data Integrity: When data integrity compromised, data will be invalid or corrupted. Unless data integrity can be restored through established backup and recovery procedures, an organization may suffer serious losses or make incorrect and expensive decisions based on the invalid data.

e. Loss of Availability: Sabotage of hardware, network or applications make cause the data to become unavailable to users which again may lead to server operational difficulties.

So, we can say that database is essential to store the documents that’s why we need to do secure the database to protect the threats.