DEFINITION OF DATA SECURITY
Data security is the practice of keeping data protected from corruption and unauthorized access. The focus behind data security is to ensure privacy while protecting personal or corporate data.
It is a means of putting in place the different form of information security controls to protect database against compromise of their confidentiality, integrity and availability.
RISK ASSESSMENT
This will enable you to identify the risks you are faced with and what could happen if valuable data is lost through theft, malware infection or a system crash.
SECURING DATA
Since data can be compromised in many ways, the best security against misuse or theft involves a combination of technical measures, physical security and a well-educated staff. You should implement clearly defined polices into your infrastructure and effectively present them to the staff.
TYPES OF SECURITY CONTROL ON THE DATA
- Access Control
Is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization. - Auditing
Database auditing involves observing a database so as to be aware of the actions of database users. Database administrators and consultants often set up auditing for security purposes, for example, to ensure that those without the permission to access information do not access it. - Authentication
Is the validation control that allows you to log into a system, email or blog account etc. Once logged in, you have various privileges until logging out. Some systems will cancel a session if your machine has been idle for a certain amount of time, requiring that you prove authentication once again to re-enter.You can log in using multiple factors such as a password, a smart card or even a fingerprint. - Encryption
This security mechanism uses mathematical scheme and algorithms to scramble data into unreadable text. It can only be decoded or decrypted by the party that possesses the associated key. - Back Up
This is the process of making copy and archiving of computer data in the event of data losswhich is used to restore the original data. - Password
This is sequence of secret characters used to enable access to afile, program, computer system and other resources.
EVALUATION
IMPORTANCE OF DATA SECURITY
Data security is critical for most business and even home computer users. Client information, payment information, personal files, bank account details- all this information can be hard to replace and potentially dangerous if it falls into the wrong hands. Data lost due to disaster such as a flood of fire is crushing, but losing it to hackers or a malware infection can have much greater consequences.
MAJOR THREATS TO DATA SECURITY
a. Accident can happen due to human error or software/ hardware error.
b. Hackers could steal vital information and fraud can easily be perpetrated.
c. Loss of data integrity.
d. Improper data access to personal or confidential data.
e. Loss of data availability through sabotage , a virus , or a worm.
INTEGRITY CONTROLS
BACKUPS
Is the process of copying and archiving of computer data so it may be used to restore the original after a data loss event.
Backupshave two distinct purposes. The primary purpose is to recover data after its loss, be it by data deletion or corruption. The secondary purpose of backups is to recover data from an earlier time, according to a user-defined data retention policy, typically configured within a backup application for how long copies of data are required. Backup is just one of the disaster recovery plans.
APPLICATION SECURITY
Application security is the use of software, hardware and procedural methods to protect application from external threats.
THE ROLE OF DATABASE ADMINISTRATOR IN DATA SECURITY
A database administrator (DB) is a person responsible for the installation, configuration, upgrade, administration, monitoring and maintenance of databases in an organization. The role includes the development and design of database strategies, system monitoring and improving database performance and capacity, and planning for future expansion requirements. They may also plan, co-ordinate an implement security measures to safeguard the database.
A database administrator’s responsibilities can include the following tasks:
- Installing and upgrading the database server and application tools.
- Allocating system storage and planning future storage requirements for the database system
- Modifying the database structure, as necessary, from information given by application developers.
- Enrolling users and maintaining system security.
- Ensuring compliance with database vendor license agreement.
- Controlling and monitoring user access to the database.
- Monitoring and optimizing the performance of the database.
- Planning for backup and recovery of database information.
- Maintaining archive data.
- Backing and restoring databases.
- Contacting database vendor for technical support.
- Generating various reports by querying database as per need.
GENERAL EVALUATION - Define the roles of a database administrator in data security
- Define backup and list its importance in data security
READING ASSIGNMENT
Understanding Data Processing for Senior Secondary Schools by Dinehin Victoria Pages 255 – 260
WEEKEND ASSIGNMENT
- …………….is the practice of keeping data protected from corruption and unauthorized access. (a) Data measurement (b) Data security (c) Data protection (d) Data control
- Which of these is not a type of security control ……?(a) access control (b) auditing (c) encryption(d) storage
- .………….. security mechanism uses mathematical schemes and algorithm to scramble data into unreadable text. (a) Encryption (b) Auditing (c) Authentication (d) Auditing
- .…………. is the process of copying and archiving data so it may be used to restore original after a data loss (a) Backup (b) Restore (c) Control (d) Saving
- …..……… is the computer professional responsible for the configuration, administration and maintenance of a database (a) Programmer (b) System administrator (c) Database administrator (d) System analyst
THEORY