Data Security Challenges Flashcards
[Myth or Fact?]
Hackers cause most security breaches.
Myth
[Myth or Fact?]
Encryption is only one approach to securing data. Security also requires access control, data integrity, system availability and auditing.
Fact
[Myth or Fact?]
Firewalls make your data secure.
Myth
Your computers must be physically inaccessible to unauthorized users. This means that you must keep them in a secure physical environment.
Physical
The people responsible for system administration and data security at your site must be reliable. You may need to perform background checks on DBAs before making hiring decisions.
Personnel
The procedures used in the operation of your system must assure reliable data. One person might be responsible for database backups. His/her role is to be sure the database is up and running.
Procedural
Storage, access, manipulation, and transmission of data must be safeguarded by technology that enforces your particular information control policies.
Technical
Basic Security Standards (the usual three)
- Confidentiality
- Integrity
- Availability
A secure system ensures the confidentiality of data. This means that it allows individuals to see only the data which they are supposed to see.
Confidentiality
Aspects of Confidentiality (4)
- Privacy of Communication
- Secure Storage of Sensitive Data
- Authenticated Users
- Granular Access Control
is the process by which a user’s identity is checked.
Authentication
is the process by which the user’s privileges are ascertained.
Authorization
is the process by which the user’s access to physical data in the application is limited, based on his privileges.
Access control
A secure system ensures that the data it contains is valid.
Integrity
means that data is protected from deletion and corruption, both while it resides within the database, and while it is being transmitted over the network.
Data integrity
is the ability to maintain valid relationships between values in the database, according to rules that have been defined.
Referential integrity
A secure system makes data available to authorized users, without delay.
Availability
System Availability Aspects (4)
- Resistance
- Scalability
- Flexibility
- Ease of use
A secure system must be designed to fend off situations, or deliberate attacks, which might put it out of commission.
Resistance
System performance must remain adequate regardless of the number of users or processes demanding service.
Scalability
Administrators must have adequate means of managing the user population.
Flexibility
The security implementation itself must not diminish the ability of valid users to get their work done.
Ease of use
The integrity and privacy of data are at risk from unauthorized users, external sources listening in on the network, and internal users giving away the store.
Availability
Potential attacks (7)
- Data Tampering
- Eavesdropping and Data Theft
- Falsifying User Identities
- Password-Related Threats
- Unauthorized Access to Tables and Columns
- Unauthorized Access to Data Rows
- Lack of Accountability