Solution Options
We have looked at the types of potential threats to a database system. Various types of sources pose different threats. How do you make provisions to protect your database system? When you consider each type of threat or problem, adopt a three-level approach to problem resolution:

Minimize the probability of the problem happening. Establish enough protection rings to enclose the database system. Take all the necessary protective measures and institute strong deterrents.

Diminish the damage if it happens. If an intruder manages to penetrate the outer layer of protection, make it progressively difficult to cut through the inner layers. Guard the most sensitive portions of the database with the most stringent security measures.

Devise precise recovery schemes. If a vandal manages to destroy some parts of the database, have a tested method to recover from the damage. If a fire destroys your database, plan to be able to restore from a copy stored off-site.

When you examine the types of threats, you will notice that most of the recovery solutions must be a combination of general control procedures and computer-based techniques. Let us explore the nature of these two types of solution methods.
General Control Procedures. These are matters of broad security policy and general procedures. Although these procedures deal with the security of the database in a computer system, most of these do not involve the direct use of computers. Many of these relate to planning and policy-making. Some are physical controls, and a few others involve outside agencies. The following is a list of such security measures.

Physical controls. Include physical access to buildings, monitoring of visitors at entrances and exits, and guarding of workstations and servers.

Human controls. Safeguard against threats from information system professionals and specialists by proper security clearance to work on sensitive data.

Control of equipment. Includes secure placement of equipment such as laptops loaded with sensitive data and printers that are designated to print critical data.

Security through outside agencies. Refers to third-party storage areas to keep backup copies of the database and outside installations that can be used for disaster recovery.

Contingency Plans. Intended to be adopted in case of fire or bomb alerts. Plans must include designation of responsibilities and procedures for recovery.

Security Policy. An essential element of the security system to address the scope of the security schemes, the duties and responsibilities of employees, the procedures