Data Governance Primer

Security

What is data security?

Five Pillars: Security

Data security refers to the digital privacy measures that are applied to prevent unauthorized access to data. A broad range of information security protocols is used to protect databases from security risks. We need data security because database systems face numerous risks:

  1. Misuse by authorized database users and database administrators, or by unauthorized users or hackers.
  2. Malware infections causing incidents such as unauthorized access, leakage or disclosure of personal data.
  3. Overloads and capacity issues preventing users from using the database as intended.
  4. Physical damage to servers caused by computer room fires, liquid spills or electronic/equipment failure.
  5. Data corruption caused by design flaws and programming bugs, such as the entry of invalid data or commands.

A lapse in data security can lead to catastrophic events. For example, in the case of Yahoo, the data breach impacted 3 billion of its users. Sensitive information including names, email IDs, security questions, answers and passwords was leaked. Yahoo’s delay in discovering these breaches, as well as in implementing improved security features, was a major point of criticism. Furthermore, this led to a reduction of $350 million in the price that Verizon agreed to pay to buy Yahoo’s core internet businesses.

 

Key measures to implement data security

1. Access control: Access control is the selective restriction of access to data. It consists of two main components: authentication and authorization. Authentication verifies that someone is who they claim to be. Authorization then determines whether that user should be allowed to access the data.

2. Auditing: It is the monitoring and recording of a user’s database actions. It is mainly used to:

  1. Enable accountability for actions taken on a schema, table or row.
  2. Investigate suspicious activity and prevent users from taking inappropriate actions.
  3. Detect problems with authorization or authentication.
  4. Gather data on specific database activities, e.g. the number of tables being updated or the number of users connected.

3. Data Encryption: It translates data into another form so that only people with a secret key, known as a decryption key, can access it. Encryption protects the confidentiality of the data, so that if an unauthorized person gained access to the storage device or service, they would be unable to view the data.

4. Data Backup: It refers to copying data into an archive file so that it may be used to restore the original after a data loss event. Backups should be implemented with proper scheduling (using a job scheduler to remove the human element), authentication and an established chain of trusted individuals.
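The access control and auditing measures above can be seen working together in the following added example, which is not part of the original course material: every request is authenticated, then authorized, and the decision is written to an audit trail that is later summarized. The user names, roles, grants and table name are constructed sample data, and the helper names are hypothetical.

```python
import hashlib, hmac, os
from collections import Counter
from datetime import datetime, timezone

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed setting)

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def make_user(password, role):
    salt = os.urandom(16)  # per-user salt; only the salted hash is stored
    return {"salt": salt, "hash": _hash(password, salt), "role": role}

# Constructed sample data: users, roles and grants are hypothetical.
USERS = {"alice": make_user("correct horse", "analyst"),
         "bob": make_user("battery staple", "dba")}
GRANTS = {"analyst": {("orders", "SELECT")},
          "dba": {("orders", "SELECT"), ("orders", "UPDATE")}}
_DUMMY = make_user(os.urandom(16).hex(), "none")
AUDIT_LOG = []

def authenticate(user, password):
    """Authentication: is this really the claimed user?"""
    rec = USERS.get(user, _DUMMY)  # hash anyway so unknown users cost the same
    ok = hmac.compare_digest(rec["hash"], _hash(password, rec["salt"]))
    return ok and user in USERS

def authorize(user, table, action):
    """Authorization: may this (already authenticated) user do this?"""
    return (table, action) in GRANTS.get(USERS[user]["role"], set())

def request(user, password, table, action):
    """Check authentication first, then authorization; audit every outcome."""
    if not authenticate(user, password):
        outcome = "AUTHN_FAILED"
    elif not authorize(user, table, action):
        outcome = "AUTHZ_DENIED"
    else:
        outcome = "ALLOWED"
    AUDIT_LOG.append({"time": datetime.now(timezone.utc).isoformat(),
                      "user": user, "table": table, "action": action,
                      "outcome": outcome})
    return outcome == "ALLOWED"

def audit_summary(log):
    """Audit uses from the list above: spot authn/authz problems, count updates."""
    return {"outcomes": Counter(e["outcome"] for e in log),
            "updates_per_table": Counter(
                e["table"] for e in log
                if e["action"] == "UPDATE" and e["outcome"] == "ALLOWED")}
```

Denied and failed requests are logged as well as allowed ones, since those entries are what make suspicious activity and misconfigured grants visible.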

Conclusion

The electronic systems used by businesses operate with all kinds of sensitive and confidential data. Moreover, the number of data breach incidents in the US hit a new record high of 1579 breaches, which is a 45% increase from the previous year. Due to these incidents, governments throughout the world have imposed new, stringent regulations on data storage and security. Therefore, data security should be considered an integral part of the data governance process to minimize financial loss, followed by compliance with regulatory requirements and maintaining high levels of productivity.