Databases - Resource Management - Lecture Notes, Study notes of Human Resource Management

Databases, Database Introduction, Importance of Databases, Enterprise Resource Planning, Problems with ERP, Database Security Breaches, Privacy Rights Clearinghouse, Data Access Risks, Computer Crime, Security Survey are some important points from lecture handout of Resource Management.

Typology: Study notes

2011/2012

Uploaded on 12/20/2012

devashish
devashish 🇮🇳

4.3

(24)

111 documents

1 / 3

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Database Introduction
Centralized and Structured collection of data stored in a computer system
An electronic filing system
Easy access to information
Importance of Databases
Provide a convenient means of storing large amounts of data.
Quick access to information allowing for sorting, searching, viewing and manipulating.
Efficiency.
Enterprise Resource Planning
Enterprise Resource Planning - ERP is an application system that integrates a company’s
business processes and financial data in one platform.
Massive Database that encompasses the entire business operations.
Problems with ERP
There is a shortage of staff members trained in ERP security.
Implementers pay inadequate attention to ERP security during deployment.
ERP tools for security audit are inadequate.
The customization of ERP systems to firms inhibits the development of standardized security
solutions.
Database Security Breaches
Data loss can cost a company significant losses in revenue, integrity, and bring on unwanted
litigation.
As noted in a 2007 survey, 85 percent of businesses have experienced a data security breach.
The estimated breaches have cost US $182 per compromised record.
Data breaches remain the leading cause of financial losses.
A survey conducted in 2007 revealed that 40 percent of companies are not monitoring their
databases for suspicious activity.
Privacy Rights Clearinghouse. www.privacyrights.org
Docsity.com
pf3

Partial preview of the text

Download Databases - Resource Management - Lecture Notes and more Study notes Human Resource Management in PDF only on Docsity!

Database Introduction

 Centralized and Structured collection of data stored in a computer system

 An electronic filing system

 Easy access to information

Importance of Databases

 Provide a convenient means of storing large amounts of data.

 Quick access to information allowing for sorting, searching, viewing and manipulating.

 Efficiency.

Enterprise Resource Planning

 Enterprise Resource Planning - ERP is an application system that integrates a company’s business processes and financial data in one platform.

 Massive Database that encompasses the entire business operations.

Problems with ERP

 There is a shortage of staff members trained in ERP security.

 Implementers pay inadequate attention to ERP security during deployment.

 ERP tools for security audit are inadequate.

 The customization of ERP systems to firms inhibits the development of standardized security solutions.

Database Security Breaches

 Data loss can cost a company significant losses in revenue, integrity, and bring on unwanted litigation.

 As noted in a 2007 survey, 85 percent of businesses have experienced a data security breach.

 The estimated breaches have cost US $182 per compromised record.

 Data breaches remain the leading cause of financial losses.

 A survey conducted in 2007 revealed that 40 percent of companies are not monitoring their databases for suspicious activity.

 Privacy Rights Clearinghouse. www.privacyrights.org

Data Access Risks

 External

◦ Gaining access from outside the company.

 Internal

◦ Employee who should not have access, gains access

◦ Employee abuses their access privileges.

2007 Computer Crime and Security Survey:

◦ Insider abuse of net access- 59 percent

◦ Unauthorized access to information- 25 percent

◦ Theft of customer or employee data- 17 percent

Data Access Controls

 Perimeter Controls

◦ Keep people on the outside from gaining access.

 User identity and access management

◦ Who is allowed to do what.

◦ Ensure things are as they are supposed to be.

 Application systems

◦ Independent audit software tools.

 Privileged Users

◦ Physical and logical controls within and outside their sphere of operational control are needed to provide evidence of their actions.

Auditing Databases – Preliminary Steps

 Review prior report if there is one.

 Obtain important information from database environment

 Talk to database administrators

 Identify significant risks and key controls that mitigate these risks.