Security Plan - Introduction to Database Security - Lecture Slides, Slides of Network security

The key points which are very informative in context of the database security are listed as:Security Plan, Key Components of Plan, Account Management, Employees, Policies and Procedures, Policy Development, Dissemination of Plan, Technology Use, Security Policy Specifies, Implemented

Typology: Slides

2012/2013

Uploaded on 04/22/2013

sathiamoorthy
sathiamoorthy 🇮🇳

4.4

(24)

106 documents

1 / 12

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Security Plan
Docsity.com
pf3
pf4
pf5
pf8
pf9
pfa

Partial preview of the text

Download Security Plan - Introduction to Database Security - Lecture Slides and more Slides Network security in PDF only on Docsity!

Security Plan

Security Plan

  • Security Plan
  • Key components of plan
  • Account Management
  • Employees

Policies and Procedures

  • Security plan is the ‘big picture’ document
  • Security policy specifies the details of how the plan will be implemented
  • Security plan lays down the general guidelines that the organization would follow
  • Management commitment to plan
  • Team effort in policies and procedures

Policy Development

  • Uniformity in scope of policies
    • User account creation
    • User account privileges
    • Sensitive information handling
    • Penalties for violation
  • Operating system security
    • Create group privileges to protect cross group functions
    • Databases under each OS

Dissemination of Plan

  • Access to current plan is essential
  • Easiest way for dissemination is to make it available only through the Intranet
  • Educate the members about the plan with periodic messages

Technology Use

  • DBA is usually a team
  • Allocate responsibility for security aspects among the DBAs
  • Restrict sensitive information to a select few

Key Components of Plan

  • Auditing
    • Settings to capture both successful and unsuccessful login attempts
    • Log all database updates
    • Authenticated update

Account Management

  • Admin account
  • User account
  • Standards
    • Usernames
    • Passwords
    • Roles
    • Database access (views, reports)