Security Management Strategies for the CIOAccess "Basic Database Security: Step by Step"
This article is part of the December 2009 issue of Step-by-step guide to avoiding basic database security risks
SQL injection and buffer overflows are database vulnerabilities that have been exploited for more than a decade, yet they remain common attack vectors in compromising database systems, even when patches and workarounds exist. Attackers also burrow their way in using default user account names and passwords; all the while, database administrators and IT professionals complain about the costs of provisioning user accounts. And finally, through public breach disclosures we learn that unencrypted tapes are lost or sensitive data is regularly moved to unsecured systems. Clearly we're still missing the basic steps for securing database systems. So forget fancy encryption techniques, event correlation or forensic analysis. Instead, organizations, especially in this troubled economy, need a clear, actionable and pragmatic approach to database security. Unfortunately the essentials are often overlooked in large organizations and appear overwhelming to database professionals who don't know quite where to start. We want to make it simple. Here we'll offer a quick ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Is New Google Chromium OS a Security Game-Changer?
Google says Chromium's process isolation and sandbox security features harden the OS from attack.
-
Carefully evaluate providers' SaaS security model
Enterprises need to make sure a SaaS provider has the proper security controls to protect sensitive data before a contract is signed
-
Is New Google Chromium OS a Security Game-Changer?
-
-
Basic Database Security: Step by Step
by Adrian Lane, Contributor
Use this checklist to ensure you're following the basics for securing database systems.
-
Writing security policies using a taxonomy-based approach
by Ravila Helen White, Contributor
Forget structure-driven policy architecture; we'll show you how to build information security policy artifacts using a taxonomy approach that will help you build global policies in a snap.
-
Basic Database Security: Step by Step
by Adrian Lane, Contributor
-
Columns
-
Is HITECH Destined to be a Cybercrime Stimulus Act?
The HITECH Act, part of the economic stimulus bill, is intended to foster electronic medical records systems adoption, but will also introduce security and privacy risks to patient medical and billing data.
-
Editor's Desk: Apathy and the Cybersecurity Coordinator
Six months since President Obama announced he would appoint a cybersecurity coordinator, the position sits vacant. Do you care?
-
Is HITECH Destined to be a Cybercrime Stimulus Act?
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...