How to protect databases?
A database administrator manages a database on ERP software.
He would like to copy data to which he has access, either by reading directly in the tables, or by logging on to the system interactively.
He is in conflict with his hierarchy and decides to take action, just in case .... He temporarily changes the password, disables the audit log and manipulated the document changes.
In order to avoid this nightmare scenario, the theft of data, the information systems management should take the following steps: encryption of data streams; secure configuration of the server and operating system, implementation of a concept for access rights, control of the access to the building and staff training.
We can never too careful, especially when using a complex ERP system that did not provide data protection at the time of project design!
Recommendations
The controller of the data file is responsible for the security of the data he processes. He must assess the risks and take the adequate concrete measures. He can, if necessary, prohibit authorized persons to carry their mobile phones or a USB key.