Data and Database Security


Introduction

Data is a set of information that can be facts, words, numbers, measurements, or observations. It can be either qualitative or quantitative. Qualitative data describes something, while quantitative data gives numerical information. Quantitative data can be either discrete or continuous. Discrete data has only certain possible values (like integers), and continuous data can have any value (within a range). Data can be used for various purposes, such as analysis, decision-making, research, communication, or entertainment. Let's consider what a database is, how data integrity is broken, and how to protect and secure data.

A database is a collection of organized data that can be accessed, manipulated, and updated by a computer program. A database can store different types of data, such as text, images, audio, video, or geospatial data. A database can also have different structures, such as relational, hierarchical, network, or object-oriented. A database can be used for various applications, such as e-commerce, social media, education, health care, or government.

Data and database security is the process of protecting sensitive data and databases from unauthorized access and corruption. Data and database security involves both technical and non-technical measures to ensure the confidentiality, integrity, and availability of data and databases. Data and database security is important for both corporate and personal users, as data and databases can contain valuable and private information that can be exploited by hackers, malware, or other threats.

Why Data and Database Security are Important

Securing data and databases is important for most businesses and even home computer users. This is because clients’ important information and details, as well as bank details and personal details, can be very hard to recover if compromised.

Data and database loss due to hackers or malware infections can be very dangerous and have serious consequences. Such information can be used against the organization or the individual for blackmailing, identity theft, fraud, or sabotage. Data and database loss can also result in legal liabilities, financial losses, reputation damage, or competitive disadvantage.

Other potential threats to data and database security include:

System crash: A system crash is a sudden failure of a computer system that causes it to stop functioning properly. A system crash can be caused by a hardware malfunction, software bugs, a power outage, or human error. A system crash can result in data and database corruption or loss.

Physical threats: Physical threats are events that can damage or destroy the physical components of a computer system or network. Physical threats include fire, flood, earthquake, theft, vandalism, or sabotage. Physical threats can result in data and database damage or loss.

Human error: A human error is a mistake or oversight made by a human user or operator of a computer system or network. Human error can include incorrect processing of information, input errors, accidental deletion of files, misconfiguration of settings, or forgetting passwords. Human error can result in data and database corruption or loss.

Exploits: Exploits are malicious activities that take advantage of vulnerabilities in a computer system or network. Exploits include hacking, phishing, malware infection, denial-of-service attack (DoS), and ransomware attack.


How to Improve Data and Database Integrity

After identifying areas of vulnerability, the next step is to create or develop strategies to secure data and databases. Some of the areas that may be considered are:

Who accesses data and databases, and what data and databases do they access?

Access control is the process of granting or denying access to data and databases based on the identity and role of the user or program. Access control can be done in different ways, such as mandatory access control (MAC) or discretionary access control (DAC).

Mandatory access control (MAC) is a hierarchical method of controlling access to files and resources. It provides a strict and centralized way of controlling access to files and resources. It ensures that only individuals with the proper security clearance can access sensitive information. It is usually used by government organizations, conglomerates, or large organizations where security is very important.

Discretionary access control (DAC) is a security model where the owner of a resource can decide who can access that resource and what actions they can take on it. Unlike mandatory access control, where access control decisions are made by a central authority, discretionary access control allows individual users to set permissions on their own files and resources.

Who uses the internet and email systems, and how do they use them?

The Internet and email are common ways of communicating and sharing information online. However, they also pose risks to data and database security, as they can be intercepted, modified, or spoofed by hackers or malware. To protect data and databases from internet and email threats, some of the measures that can be taken are:

  • Use strong passwords and change them regularly to prevent unauthorized access to data and databases stored online.

  • Use anti-spam and anti-phishing software to filter out unwanted or malicious emails that may contain links or attachments that can compromise data and database security.

Who will be allowed to access data and databases, and who will be restricted?

Data and database classification is the process of assigning different levels of sensitivity and importance to data and databases based on their content, purpose, or usage.

Data and database classification can help determine who will be allowed to access data and databases and who will be restricted based on their clearance, role, or need. Data and database classification can also help to apply appropriate security measures to data and databases based on their level of risk.
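The access-control models and classification levels described above can be combined in one access decision. The sketch below is an added example, not code from the original article: the level names, users, `CLEARANCE` table and function names are all constructed for illustration. It shows that an owner's DAC grant does not override a centrally assigned MAC label.

```python
from dataclasses import dataclass, field
from enum import IntEnum

class Level(IntEnum):
    # Classification levels, lowest to highest (constructed for this example).
    PUBLIC = 0
    INTERNAL = 1
    CONFIDENTIAL = 2
    RESTRICTED = 3

@dataclass
class Resource:
    name: str
    owner: str
    label: Level                             # assigned centrally (MAC)
    acl: dict = field(default_factory=dict)  # user -> set of actions (DAC)

# Central clearance table (hypothetical users); owners cannot edit it.
CLEARANCE = {"alice": Level.RESTRICTED, "bob": Level.INTERNAL,
             "carol": Level.CONFIDENTIAL}

def dac_grant(res, granter, user, actions):
    """DAC: only the resource owner may hand out permissions."""
    if granter != res.owner:
        raise PermissionError(f"{granter} does not own {res.name}")
    res.acl.setdefault(user, set()).update(actions)

def mac_allows(res, user):
    """MAC: clearance must be at least the label; unknown users fail closed."""
    clearance = CLEARANCE.get(user)
    return clearance is not None and clearance >= res.label

def dac_allows(res, user, action):
    """DAC: the owner has full access; others need an explicit grant."""
    return user == res.owner or action in res.acl.get(user, set())

def check_access(res, user, action):
    """Both layers must agree. Returns (allowed, reason) for audit logging."""
    if not mac_allows(res, user):
        return False, "mac: clearance below label"
    if not dac_allows(res, user, action):
        return False, "dac: no grant from owner"
    return True, "ok"

if __name__ == "__main__":
    payroll = Resource("payroll_db", owner="alice", label=Level.CONFIDENTIAL)
    dac_grant(payroll, "alice", "bob", {"read"})    # owner shares with bob
    dac_grant(payroll, "alice", "carol", {"read"})  # and with carol
    for user, action in [("bob", "read"), ("carol", "read"),
                         ("carol", "write"), ("mallory", "read")]:
        print(user, action, check_access(payroll, user, action))
```

Bob holds a read grant from the owner but is still denied, because his clearance is below the resource's label; Carol can read but not write, because the owner never granted write.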

Whether they will use passwords or not and how they will maintain them:

Passwords are one of the most common ways of authenticating users or programs that want to access data and databases. However, passwords can also be weak or compromised if they are not chosen or managed properly. To improve password security, some of the best practices are:

  • Use strong passwords that are long, complex, and unique. Avoid using common words, names, dates, or personal information that can be easily guessed or cracked by hackers or malware.

  • Use different passwords for different accounts or services. Do not reuse the same password for multiple purposes, as it can increase the risk of data and database breaches if one of them is compromised.

  • Use password managers to store and manage passwords securely.
    Password managers are software applications that can generate, store, and autofill passwords for various accounts or services. Password managers can also encrypt and protect passwords from hackers or malware.

  • Use multifactor authentication (MFA) to add an extra layer of security to passwords. Multifactor authentication is a method of verifying users or programs by requiring two or more pieces of evidence, such as something they know (password), something they have (token), or something they are (biometric). Multifactor authentication can prevent unauthorized access to data and databases, even if passwords are stolen or hacked.

What types of firewalls and anti-malware solutions are in place?

Firewalls and anti-malware solutions are software or hardware devices that can monitor, filter, or block the incoming and outgoing traffic between a computer system or network and the internet. Firewalls and anti-malware solutions can help to prevent or detect unauthorized or malicious access to data and databases by hackers or malware.

Also consider proper training of staff on enforcing data security.

Training is an essential part of data security awareness and education. Training can help staff understand the importance of data security, the potential threats to data security, and the best practices for data security. Training can also help staff develop skills and habits for protecting data security, such as choosing strong passwords, avoiding phishing emails, backing up data regularly, reporting incidents promptly, etc.

Conclusion

In summary, data security is essential to maintain data integrity and confidentiality and to avoid corruption. Also, to maintain and secure data from threats and theft, it is important to consider factors such as who uses the data and what data is being accessed, as this will help to know how to enforce and ensure data security.

first image from freepik
