Strategy: Database Access

Nov 15, 2011


Ensuring Secure Database Access

Many security measures can and should be put into place to protect a company’s database servers and other data stores from attack, both external and internal, as well as unintentional exposure, but one of the most effective means of ensuring data integrity is user provisioning. Today, most companies leverage role-based access control (RBAC) for their provisioning needs. In the RBAC model, access is controlled through roles that, in most cases, align with job functions. Access can also be granted on the basis of identity and the data itself, but models based on this approach quickly become cumbersome. No matter what model companies choose for provisioning access, they should apply the concept of least user privilege—granting only the access people need to do their jobs. With the advent of big data and the wider use of NoSQL databases and cloud-based data storage, however, IT organizations will need to increase their ability to integrate provisioning efforts. (S3811111)

Research Report