Sep 07

Your Top 10 Security Steps to Protect Your Data, Part 9

9. Assess and improve security measures

It’s important to take a hands on and proactive approach to security. For example, when new users access the database, you should re-evaluate the appropriate level of access to the data itself and the database structure, depending on the new users’ job duties or roles in a company.
Ask yourself the following questions before developing a company-wide database, and on an ongoing basis, as the files change over time:
•What is valuable?
•Why is it valuable?
•How valuable is it?
•How damaging would its loss or disclosure be?
•What is the minimum level of security to prevent loss or disclosure?
•What tools can I use to implement that security?
To assess security, enable log files in the database and the database server, and review users’ actions. You can also track actions if you include scripts and calculations that capture the user’s account name, password, and IP address.
If you find issues with particular users, reconsider their level of clearance, and re-train or pass along the information to their line manager as needed.

10. Upgrade to your database for security enhancements
Security has been redesigned in databases and database servers due to known threats, and continued testing and perfecting. Wherever possible and affordable, upgrade to get access to the new tools provided. Also, your needs may change over time and you may decide to allow some data from with your company to be published on the web, for instance, in which case you might need a different edition of the database to take advantage of this feature. Be proactive about finding out about know bugs to the system, threats, improvements, and upgrades.

These ten steps will help you protect the security and integrity of your data, and your company.

Leave a Reply