OCU C)ISSO A Discussion Lesson 14
- This topic has 3 replies, 7 voices, and was last updated 1 day, 7 hours ago by
.
-
Posts
-
-
Database security has many issues. After reading this chapter and viewing the video, discuss 2 issues that you have experienced or heard about. Explain the security issue and what happened. If you have never experienced any of these issues, choose two to explain in detail giving examples of what could happen in an organization.
-
Database security is important because database store the most valuable information in an organization, such as customer records, financial data, and internal systems. One common issue is SQL injection, where an attacker sends harmful commands through a website or form. If the system is not properly protected, the attacker ca access or even delete the database. This often happens when input fields are not validated. Another major issue is weak access control., Sometimes employees are given more privileges than they need, or old accounts are never removed. This can lead to unauthorized access, accidental data exposure or insider misuse.
-
Because databases are holding a large amount of data in their system, which can potentially be really important and sensitive information, they must be kept secure from outside attacks or internal threats.
One database issue I have heard of is SQL injecting/cross-site scripting attacks (XSS). This occurs when someone maliciously enter code on a site and allows the attacker to execute commands on the database. The system must be protected from this by using tools that check that the information that is put into the system before it is uploaded and used in the database. To do this, it is also important to test the website to make sure its protection is working correctly. In fact, a major second issue with databases is a lack of testing in general. Failing to test a database properly means there could be holes in the software, which would lead it to be vulnerable to attacks. Weaknesses in the system must be found addressed to prevent anyone else from exploiting it. This should be done early in the process, but it should also be done later by creating patches or updates to the site. -
Two common issues in database security are insufficient testing before launch and weak security. When organizations hurry to start a new system without proper testing, they often miss vulnerabilities like wrong permissions, missing updates, or unsecured access points. This can lead to users accidentally accessing data they shouldn’t or attackers easily exploiting the system. Another major problem is poor security practices, such as weak password management or bad backups, which make the database vulnerable. If a hacker accesses the system through a weak password or an unprotected account, they can corrupt, delete, or change important data, causing the database to fail and disrupting the organization’s operations. These failures can lead to downtime, financial losses, and damage to trust. Both issues show why organizations need to carefully test and improve their security measures before relying on a database in day-to-day operations.
-
- You must be logged in to reply to this topic.
