What is the need of database security in information security?

Database security contains securing the database from permitted access, alteration or elimination. Because the database defines an essential corporate resource, database security is an essential subcomponent of some organization’s complete information system security plan.

Moreover the requirement to keep and secure information for the smooth services of the organization, database designers have the authority to secure the privacy of individuals about whom data is maintained.

Privacy is the right of individuals to have some control over data about themselves. Some countries have laws designed to secure privacy, and each organization that collects and stores data about individually is legally obliged to adopt policies that comply with local privacy legislation.

The general element in a global economy where some business is prepared electronically using B2B [Business to Business] or using B2C [business to consumer] or some more conventional method is electronic transfer and storage of information. This is very electronic data is the organization major data asset. A negotiation of this data can bang the business out or holdup in the processing this data can direct to user approval concerns and loss of industry share.

In the United States, the Gramm-Leach-Bliley Act needs companies to inform user of their privacy policies and to provide opt-out provisions for user who do not require their personal data distributed away from the company.

Data combined on a computer that has even a remote feasibility of enclosing data like social security numbers, credit card and financial account numbers, account balances, and investment portfolio information should be confined. The use and revelation of patient medical data initially was limited by a patchwork of U.S. state laws, leaving break in the security of patient privacy and confidentiality.

Some high organizations have installed antivirus software, firewalls and even Intrusion Detection Systems (IDSs) to secure their networks and host operating systems, but fail to support proper concentration to enterprise database servers, on the supposition that they are isolated by firewalls and some defenses at the network perimeter.

These databases are the major reason company invest in IT in the first area, and the data they surround are frequently the company most valuable assets. Certainly, an enterprise without database protection is like a bank with locks on the doors and armed protectors by each entrance, but no vault.

Database servers are attacked by hackers because −

  • If it can gaze closely it is seen why the hackers adore hacking the database server.

  • Some database servers are configured with default usernames and passwords, and more user Scott password Tiger or user system password manager.

  • Some database servers are using default setting which was a group by manufacturers, etc., by default public have the opportunity to execute.

  • Database servers are not patched accurately.