Strategy: Database Access Control
How to Implement Effective Database Access Control
Experts agree: One reason for the compromise of database information is that users are given too much privilege. How can an IT organization build an environment in which database users (and administrators) are allowed to access only the data they truly need? How can organizations limit the user's ability to download, rewrite or delete sensitive data? What is the relationship between current identity management tools and initiatives and overall database security? We take a close look at managing users' access to databases functions, and the tools and practices used to limit user access to business-appropriate tasks. (S1880910)
?
Table of Contents
3 Author's Bio
4 Executive Summary
5 Figure 1: Satisfaction With Database Environment
6 Excess Access
6 Figure 2: Use of Encryption on Databases With Sensitive Information
8 Process and Least Privilege
9 Figure 3: Sales Process Before Implementing Least Privilege
10 Figure 4: Applying Least Privilege to the Sales Process
11 Roles, Policies and Identity Management
11 Figure 5: Sample Sales Database Structure
15 Tools and Technologies
17 Summary Recommendations
17 Figure 6: Transaction Logging Enabled on Databases With Sensitive Information
?
About the Author
Diana Kelley, a 20-year veteran of the IT industry, is a partner in and co-founder of research and consulting firm SecurityCurve, based in Amherst, N.H. She formerly served as vice president and service director for security and risk management strategies at Burton Group, executive security adviser for CA, general manager at Symantec, and manager, financial services consulting at KPMG. Diana has extensive experience creating secure network architectures and business solutions for large corporations and delivering strategic, competitive knowledge to security software vendors.
Be the first one to comment.