Tags

,

The matter of database security hit close to home last November. My teenage son has a Steam account for online gaming. I just read that their database was hacked end of last year and may have exposed customers credit card info to the infiltrators.

I am not entirely positive, but it seems to me that most databases are somehow connected to the internet. Whether it be an E-commerce website or a corporate database on their internal Intranet, both are still connected to the Internet. Of course the internal database would be better protected as it should be behind a firewall(s), could be both hardware and software types.

The most important step in securing a database is data encryption. There are 3 levels of data encryption; column-level, database level, and file-level. Of these 3, file-level encrypts not only the data, but also any output from the database, reports, spreadsheets generated from the database, emails, as well as the database configuration files.

This should be top priority for all DBAs!