
Discuss one of the concepts presented in this module and why it is important in software security.

Database security refers to methods for safeguarding database management systems from
malicious cyber-attacks and unlawful access. Database security procedures are intended to
protect the data in the database, the data management system, and any applications that access
it against unauthorized access, damage, or infiltration. Because of its fundamental importance,
data protection is an essential component of business security. Data security, often known as
database security, must be the primary goal of every database management system (DBMS).

A breach could be caused by a variety of software defects, misconfigurations, or habits of
misuse or incompetence. Some of the most well-known causes and types of database security
cyber hazards are listed below:

SQL injections are a type of attack in which malicious code is injected into
frontend (web) applications, which then send it to the backend database. SQL injections give
criminals complete access to any data stored in a database.
Insufficient Audit Trail:
If a database isn't audited, it runs the risk of breaking sensitive data protection laws on a
national and international level. All database events must be logged and registered
automatically, and automated auditing methods must be used.
Internal Security Threats:
An insider threat is a security risk posed by one of the three sources described below, each
of which has privileged access to the database:
An opportunistic insider with bad motives
A rash employee inside the company who leaves the database vulnerable to attack

Human-caused Errors:
Over half of all reported data breaches are still caused by weak passwords, password sharing,
inadvertent data deletion or corruption, and other unwanted human activities.

Databases are penetrated and leaked as a result of non-technical staff's lack of IT security
knowledge and education; such staff may break basic database security requirements and put
databases at risk.
Malware is a type of software that is designed to tamper with your data or harm your
databases. Malware could infect your system via any endpoint device connected to the
database's network and take advantage of flaws.

