Database security is the range of methods used to protect information stored within a database. While hacking attempts are the most commonly thought of hazard to database information, there are many other dangers. Physical damage to the computer, improper coding or corruption, and data overload are all potential threats to a database. This means there usually are many security measures in place — from firewalls to auditing and backup disks — to keep any potential damage to a minimum and prevent the loss of an entire database. Most businesses have their own database security protocols to guard against specific attacks and potential damage.
Installing a database firewall, a protective barrier that keeps all unknown connections at bay, is the most basic form of database security. Firewalls are installed on most computers and are made so hackers have a difficult time connecting to a victim’s computer. Firewalls work by filtering through connections in the network and only allowing trusted computers or users to access the database. While skilled hackers can get around this, a firewall does provide a high level of security.
Encryption is another database security measure in which the data are encrypted or made illegible for anyone who accesses the database. When encryption is used, an algorithm scrambles the characters into nonsense, so it cannot be read. This means that, unless the hacker has specific knowledge of the encryption key, the information one needs to change the encrypted data from illegible characters back to a legible format, there is no way he or she can read the database.
Auditing is when a supervisor, or database manager, scans the database to ensure nothing has changed. This type of database security can either be performed physically, by someone reading over the database, or by using a program for larger databases to see if the coding is the same. Auditing also may include checking access to the database and seeing what employees did when they accessed the database. This prevents data theft or, at least, allows administrators to find out who committed data theft.
Performing a database backup is a database security measure that protects against many different threats. When the database is backed up, this means the data are stored in another area or medium. If the database loses any or all information, it can be promptly restarted with minimal loss using the backup. By doing a database backup, administrators are able to guard against physical damage to the computer such as from a fire, database corruption or the database shutting down from being overloaded.