5/6/2021 Database Security Management - Video & Lesson Transcript | Study.

com

Database Security Management

For data to be secure all the systems around the data should be secured. In this lesson, we'll learn about the
threats to database systems today and the processes and procedures used to protect the con dentiality of a
database system.

What Is Database Security Management?

Data can be described as anything that can be understood by humans or machine. This could
range from personal les, banking details, and intellectual property to government classi ed les. It
is collected, retained and shared from within a database system.

Its value is measured by its accuracy, consistency, usability, relevance and availability.
Modernization today has its foundations built on secure data and database systems. Births, deaths,
education, immigration, banks, social security are just a few systems built on databases.

Imagine a bank, Harbor Deck Bank Ltd (HDB Ltd), with a customer base of about 4000. None of the
bank sta has the mental capacity to memorize the account balances of any of the bank's
numerous customers. From the shareholders to the clerk, the bank's reputation and survival as a
whole depend on the reliability of its data, database systems, and connected bank platforms.

The bank keeps track of every transaction, maintaining correct balances in the accounts. With the
bank's customers' purchasing power running from a few dollars to billions of dollars, unreliable
data and poor database security, opens the doors to security breaches which could result in
lawsuits, frauds, theft, data exposure, and malicious attacks all at the same time. Securing a
database is very important.

Database security management refers to the collection of processes and procedures used to
protect and secure a database or database management software from illegitimate activity and
use, malicious threats, and attacks.

Threats to Database Security

https://study.com/academy/lesson/database-security-management.html 1/3
5/6/2021 Database Security Management - Video & Lesson Transcript | Study.com

The Internet: Today, the widely used internet has facilitated the dynamic growth and transmission
of data. Internet banking platforms are convenient for Harbor Deck Banking Ltd customers, but this
has expanded the bank's database coverage and opened it up to a spectrum of potential threats.
As a result of this, the bank's data is under constant threats such as malware, viruses, and SQL
injection attacks.

Hackers: These are deliberate attacks by individuals using expert computer skills to illegally access
a computer system. Their motives include theft, fraud, and organizational sabotage. If a hacker is
successful, customers' personal information or account details can be stolen and exposed.

Fraud: Individuals attempt to gain illegal access to data with the intention of making nancial or
personal gains from the information. If Harbor Deck Banking Ltd su ers a security breach, the data
could be copied and sold. For example, fraudsters could use customer data to create cloned
banking cards to carry out unauthorized nancial transactions.

Human Negligence: There is hardly a technology-based system that completely lacks a human
interface. Expertise is required to properly implement the necessary security controls and ensure
security policies are enforced.

As a bank, Harbor Deck Banking Ltd has closed circuit TV security cameras installed with a full
complement of alarm systems to monitor and secure its premises both during and at the close of
business. These systems have to be constantly monitored and kept live…by humans! This is no
di erent when it comes to their database systems. Experts need to recognize security threats and
breaches early and immediately identify system weaknesses and loopholes to prevent further
damage to the institution.

Forms
Protection of databases comes in di erent forms and sophistication depending on the value of the
data being protected. Encryption is a security feature used to protect existing data from being
accessed by unauthorized persons. It uses the process of converting data (or scrambling it) into a
form that is unreadable to anyone who does not know the key to reading the data. The process of
using this special key to read the scrambled data is called decryption. Database systems always
have data in transit or at rest. Encryption tools are one layer of security used to protect the data.

Harbor Deck Banking Ltd has various sta accessing the bank's network. User access
authentication is the process by which only registered users can gain access to the network
and/or database applications. It's the same concept with email accounts, where only the person
with the correct username and password combination can access a particular account.

To be authorized at Harbor Deck Banking Ltd, a user needs to have a valid ID and password
created by the network and/or database administrators. Authentication happens by signing in and
is usually followed by a signing-o or logging o , which shuts down that person's access to the
network/data, preventing the next user of the computer from gaining access.

https://study.com/academy/lesson/database-security-management.html 2/3
5/6/2021 Database Security Management - Video & Lesson Transcript | Study.com

View definition controls who can view what data in the database. It de nes data views to control
the scope of the data that is being accessed by the authorized user. A teller may only need to see
an account's available balance in order to honor debits made on the account. On the other hand,
the account manager may need to access all the customer's transaction history to make an
assessment for the approval of a loan.

The database can be audited as it's being used. One important security feature of database
applications is the existence of an audit trail. This feature automatically records a brief description
of every activity carried out of the database. In the event of internal fraud, illegal activities
deciphered can be traced down to the time of action and login details.

A security breach such as hacking or malicious code injections can result in system disruptions,
malicious scrambling of data, as well as data loss. The state of a database after a breach cannot be
predicted, but the existence of reliable data backup can restore the system functions and any data
lost.

Lesson Summary
Database security management refers to the collection of processes and procedures used to
protect and secure a database from a variety of threats, such as hackers, fraud, and human
negligence. Database security administrations need experienced security experts that can help
protect con dential information through features such as encryption and user access
authentication. In general, the larger the business, the higher the risks and need for more
sophisticated security infrastructure.

https://study.com/academy/lesson/database-security-management.html 3/3