Flux rss en fonction de votre recherche RESET

How to protect databases?

Introduction

A database administrator manages a database on ERP software.

Trigger

He would like to copy data to which he has access, either by reading directly in the tables, or by logging on to the system interactively.

Incident

He is in conflict with his hierarchy and decides to take action, just in case .... He temporarily changes the password, disables the audit log and manipulated the document changes.

Resolution

In order to avoid this nightmare scenario, the theft of data, the information systems management should take the following steps: encryption of data streams; secure configuration of the server and operating system, implementation of a concept for access rights, control of the access to the building and staff training.

Conclusion

We can never  too careful, especially when using a complex ERP system that did not provide data protection at the time of project design!

timbre signification

Recommendations

The controller of the data file is responsible for the security of the data he processes. He must assess the risks and take the adequate concrete measures. He can, if necessary, prohibit authorized persons to carry their mobile phones or a USB key.

Basic principles

CP 143, 179ss and 321ter ; CO 328 and  328b

Data Security

Related scripts