Develop a database security policy

Reference no: EM13803773

You are to develop a database security policy for a small organization that collects and analyzes evaluation data for a variety of non-governmental organizations. The collected data includes both anonymous data and personally identifiable information such as names, dates of birth and social security numbers. Each employee is assigned to a certain number of evaluations. Employees access the data through desktop applications and/or intranet web applications while clients have restricted access to their data through another web application accessible through the Internet.

Guidelines

• A security policy describes what it means for an organization to be secure.
• A security policy is an agreed-upon document that executive management uses to communicate its security goals and objectives. Thus, the language should be appropriate for all employees.
• A security policy generally stems from an asset inventory phase, in which the organization's assets are identified and evaluated, followed by a risk assessment phase, in which threats targeting those assets are evaluated. The security policy describes what the organization needs to secure, specifies the level of security that is needed and elaborates a strategy on how the assets will be protected.
• The goal of such a policy is generally to protect valuable and/or confidential information from unauthorized access, but also to limit legal liability and prevent waste or inappropriate use of organization resources. Phrases such as "must", "should", or "will" are used to establish baseline expectations for behavior by employees and to authorize audits and monitoring.
• The security policy is composed of high-level statements that describe a secure state for the organization's assets. A security policy does not include best practices or recommendations, so details about how to implement the policy are typically included in supporting documents (standards and procedures).

• A security policy typically includes:

  o Scope (1 paragraph)

  o Goals (1 paragraph)

  o Information classification (1-2 paragraphs)

  o Actual requirements, as an itemized list. Specifically, database policy statements could address:

    - Roles and responsibilities: Roles at the organization level could include application developer, database user, database administrator, database owner, application owner, etc. Responsibilities should be designated.

    - Database access types

    - Authentication and authorization - a password policy should be defined or referenced

    - Use of encryption (files, data in transit, backup files), managing encryption keys

    - Backups and recovery (weekend or weekdays, on-line or off-line, incremental or full, etc.)

    - Audits (auditor, frequency of audits, what is audited)

    - Use of multilevel security

    - Use of virtual private databases

    - Database server hardening (firewall/intrusion detection system, secure configuration, patch management, vulnerability assessment)

    - Change management (ensure privileged accounts are documented, administered, monitored, and reviewed)


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd