MSIT 5210: Unit 5 Discussion Assignment Examine the importance of database security and discuss the elements required for an effective security plan. Which elements do you find to be most important? Explain why. Database security is critical in more ways than one. You are responsible for creating, maintaining, and guaranteeing the confidentiality, integrity, and availability of a database. This involves protecting the database’s data, the database management system, related applications, the database’s hardware (e.g., physical server, virtual server), and the database’s infrastructure (whether computing or network) (IBM Cloud Education, 2019). The database security’s success rate determines to which extent an organization can evade the negative…show more content… The elements that are most important in an effective security plan are best identified after understanding the common threats and challenges faced by a database. Databases usually face threats from insiders, human error, software vulnerability exploitation, SQL/NoSQL injection attacks, buffer overflow exploitation, malware, backup attacks, and DoS/DDoS attacks (IBM Cloud Education, 2019). In order to deal with these threats and challenges, the following best practices have been developed: a database’s physical security should be ensured, its administrative and network access controls should be limited to the practical minimum, its user accounts and their connected devices should be monitored and subject to security controls, its data should be encrypted, its software should be up-to-date, its applications and web servers should be tested regularly, its backup should be protected just as much as the database itself is, and it should maintain a log of all the logins to the database server and operating…show more content… Based on our analysis of the common threats and challenges faced by a database, as well as our definition of the best practices and control types that have been established, we can conclude that the following elements are most important for an effective security plan. The first element is a discovery tool. A discovery tool is a tool capable of spotting, naming, and offering remediation of any vulnerabilities in the system. It will enable conformation to regular compliance criteria (IBM Cloud Education, 2019). The second element is a data activity monitoring tool. A data activity monitoring tool is a tool apt in monitoring and auditing all of a database’s data activities, as well as apt in alerting towards suspicious activities in real-time and generating reports that enable the meeting of compliance requirements. It will enable quick response to threats as well as further compliance (IBM Cloud Education,
