Kelly Week 5 DQ 2
University of Phoenix
DBM500: Database Concepts
August 24, 2007
Kelly's (2006) article discusses challenges that organizations deal with in securing user-created databases. According to the article, what unique data protection and security risks are associated with user-created databases? Now imagine that you've just been brought on board as a database security consultant at a company that until now has never thought about protecting user-created databases. Now it wants to do so. What action plan would you recommend to the company?
Kelly's (2006) article indicates that a challenge of securing user-created databases in a Microsoft Access environment is very difficult. The built in security models are weak and present efficiency problems. In order to continue to support access databases you would need to utilize the built in security model, and rely on additional IT security models such as file access level permissions.
As a consultant I would recommend two key actions to help protecting user-created databases.
First, as stated above, rely on a built in security model using User-level security with the workgroup security file located in a secured network location. In addition, having IT extend a more secure database environment such as SQL, allowing end users to use access as the front end to create their data using their application of choice, but with a secured backend to ensure data protection.
The security risks that are associated with user-created databases are as follows: the company's data is vulnerable due to the user may not consider the security risks when creating their unique database, the data is managed by that user only, and the user may not have the time and knowledge to secure that data. The unique data protections that are associated with user-created databases are as follows: low level encryption, password protected, and...