Database Security
Databases are a key element in most business-related information systems.
How can an organization know that the information stored in the database and the reports
made from this data can be relied upon? Care must be taken to ensure proper access
controls have been implemented and software vulnerabilities have been patched.
Unfortunately, there are both functional and operational challenges that must be overcome
to implement sound security at the database level. While relational databases provide
basic authentication, authorization and auditing features, they are incomplete and not
very flexible. Implementing database security is a complex and time-consuming task that
is often overlooked.
A periodic audit of database entities' access controls and vulnerabilities can help an
organization form an informed opinion about the security of its databases.
Database Security Assessment
Netbriar’s Database Security Assessment consists of four phases:
- Planning -
In the planning phase, information is gathered about the purpose and structure of the
system as well as existing security policies and procedures. Information about how
the organization conducts business is also gathered. From this information, risks are
identified and associated with the database entity.
- Evaluating and Testing Controls -
In the evaluation and testing phase, information is classified according to criticality
and sensitivity. Authorized users and their current authorization levels are evaluated.
Physical and logical controls are tested and evaluated based upon their effectiveness
at preventing unauthorized access. Database access is also monitored and apparent
security violations are investigated.
- Reporting -
In the reporting phase, general conclusions are drawn about the level of security of
the database entity based upon the controls that have been implemented. Specific
vulnerabilities in the database software and access controls are presented.
- Review and Education -
Using the report generated in the preceding phase, Netbriar will meet with management
and administrative personnel to explain the impact of the vulnerabilities and suggest
procedural changes to prevent them from recurring.