What are the drawbacks of database security?

Database security defines the collective measures used to protect and secure a database or database management software from unauthorized use and malicious cyber threats and attacks. Database security is a layer of information security. It is basically concerned with physical protection of information, encryption of data in storage and data remanence problem.

Securing the database is a basic principle for some security workers while mounting the security plan. The database is a compilation of beneficial information and can be treated as the most important constituent of an organization and its economic enlargement.

Accordingly, some security effort should remember that they need to provide the strongest level of control for the database. As is accurate for some other expertise, the security of database management systems is based on some other systems. These includes the operating system, the applications that need the DBMS, services that interrelate with the DBMS, the web server that creates the application obtainable to end users, etc.

There are various drawbacks of database security which are as follows −

  • Weak User Account Settings − Some database user accounts do not enclose the user settings that can be establish in operating system surroundings. The user accounts name and passwords, which are usually known, are not disabled or customized to avert access.

    The user account settings allows restricted capabilities for security, without password controls on dictionary checks or account controls helping expiration of user account.

  • Insufficient Segregation of Duties − There is no recognized security administrator role is specified in the database management of the organization. This effects in database administrators (DBAs) implementing both the functions of the manager (for users accounts), moreover the performance and operations specialist. This can consequence in management incompetence.

  • Inadequate Audit Trails − The auditing potentials of databases because it need maintaining track of more needs, are frequently ignored for improved performance or disk area. It can be inadequate auditing consequences in abridged accountability. It also reduce the effectiveness of data history analysis.

    The audit trails records information concerning the actions taken on firm critical of information. They log events directly linked with the data, thus they are essential for inspecting the access and the actions on a database system.

  • Unused DBMS Security Features − The security of an individual application is generally sovereign of the security of the DBMS. It is important that security dimensions that are built into an application relate to users of the client software only.

    The DBMS itself and some tools or utilities that can connect to the database directly through ODBC or some other protocol, can bypass this application level security totally. Therefore, it should tries to use security limitations that are stable.