How well do you protect your database?
You may think you are protecting it pretty well, but lets challenge that. Lets apply the same thinking to the database as you would to something more tangible.
Precious Personal Possessions
Imagine that you live in a gated community. Nobody can get in without passing the guard booth and giving the proper passcode and reporting who they are visiting.
Now you are about to leave the house for the evening and you don’t want to take that 150 year old priceless diamond pendant that you inherited from your grandmother with you. You know that the security guard at the gate has your back, right?
So what would you do?
- Leave the diamond out on the table and don’t bother locking the front door, because the security guard has your back.
- Put the diamond in the drawer, cover it with a few pairs of sox, and lock your front door.
- Put the diamond in your safety vault, lock your front door, and engage the alarm system. You do this because you know that someone might get past the gate.
Precious Company Data
Now think about the precious data that runs your business in your database. It is worth hundreds of thousands or even millions of dollars to your business. So you want to protect it, right?
You know that the doors to the data center are locked at night, and the security guard has your back. You know that the your network firewall is secure and your security team has done penetration tests to make sure nobody can get in.
So what do you do?
- You don’t worry too much about the database, because the firewall and the security guard have your back.
- You implement strong database password policies and you encrypt your data to make it harder for people to use the data if they get to it.
- You implement strong database security like Oracle Database Vault, Virtual Private Database, Data Masking, and Transparent Sensitive Data Protection. You conduct security audits, penetration tests, and security assessments on the database itself. You implement ongoing database monitoring. You do this because you understand that someone might get past the gate.
In the case of a very precious heirloom, most people would not even consider the first choice, and if the items are very valuable, will insist on the third option, strong security in a tight perimeter around the valuable object.
But some businesses rely only on option 1 for the data that runs their entire business. They lock the doors of their office at night, but do little to protect the data that is far more valuable than the office space.
If you would like to talk about options for securing your precious data. Looks for us at www.budaconsulting.com/security