Jan 21, 2009

Database Security in Economy Crisis

When there is a economic crisis , there are people loss jobs due to it and risk of important data lossing is there too especially with those people have privilege on data access.

For those fortune 100 company where theu outsource their IT function to india and other cheaper country. What will happen to their data.

Recently case for example Satyam accounting scandal , noone can predict how it can happen as because India is one major IT services exportor in the world , every company is doing their best to get good deal with cheaper model.Why it scandal still ? ---(I am a bit too far sorry)

Ok ok ,let's go back to security so how to further protect our data ?

- Keeping single version of database , Usually database company will release latest version security patch on their latest product instead of backward support old product.

-Remove default user/password during the installation

-remove Local direct access , all access need to go through such as NT/Authentication Or firewall.

-Throw away default installation.

-Remove unnecesary privillege - This also the difficulty case because when we deal with customer and their vendor instead to have some admin privillege for application security but IT manage buy their idea and forgone that securty break may happen outside of the application.

-Follow international standard such as Sarbanes-Oxley (SOX), PCI DSS, HIPAA and other regulatory requirement.

Security is not something can be leave aside even in whatever Crisis.Because your company is responsible to the sociaty on protecting your customer/employee data from hacker (internal/external).

No comments: