inside.
unomaha.edu
data security.
Back in the old days when dinosaurs ruled the planet and your parents' parents used spears and slings to hunt food, libraries had these quaint systems they called "card catalogs" which would help library patrons find the books they were looking for. Each book has its own card, and on each card you could find the title of the book, the author's name, the year the book was published, the ISBN of the book, the library code it was assigned (either Dewey Decimal or the Library of Congress number), and so on. The cards then were collected together in drawers long and short, all of the drawers with a letter or set of letters on them, so any card beginning with a letter "C" in its title or author space was placed in the drawer with the same letter. The drawers then were put into a cabinet, sorted by alphabetical or numeric order, and placed top to bottom, or left to right, depending on the library. The system was very convenient - it made finding a book easy - and the patrons of the library lived happily ever after.
Those catalogs are with us still today, but in the form of software we call "databases". A database is a collection of data, like the library cabinet filled with cards of book information, that people use to store data until such a time comes that they need to quickly retrieve the data again. The data can be anything, from names to addresses to birthdates to the kinds of dinosaurs that ruled during the Cretaceous. Anything that is information can be stored in a database, including databases themselves. A database is a structure, albeit a special kind of structure that we set up, however we want, to store the data we feel is important to store.
Databases are all around you. When you withdraw money from your checking account, you are hooking into a database to make sure you have sufficient funds. When you go online to download a song, you usually will access a database that can help you easily find the title of the song, or the band's name, for which you are looking. Your credit card number and all the information stored in the magnetic stripe on the back are themselves stored somewhere on some database. Class schedules, newspaper ads, grocer inventories, patient information and even today's library catalogs all are stored in databases.
Why the long-winded introduction to databases? To help you understand that, while network security and business continuity planning are important, equally important in today's connected world is database security. You don't just want any ol' person or company to have access to your credit card numbers, nor do you want unauthorized eyes looking at your medical history.
Database security deals with this specific issue, that is, with the storage, transmission and security of your data.
Because databases are so convenient, and because lots of times they contain information for multiple individuals, databases are frequent targets of crackers, malware writers and the like. Therefore numerous considerations must be taken into account when dealing with personal data. Are there any vulnerable points in the database? What tools or methods should we use to minimize risk? Who should be responsible for the data? Is there a plan of action should the data be compromised? Is the data encrypted? At what point does a system become so overburdened as to make use of the system almost impossible (for legitimate users as well as for the miscreants)? These and many other aspects must be addressed when developing a database.
It's nothing like the days when pa's pa had to sharpen his spear to prepare for his next visit to the city library.
Websites
There are a couple of websites that deal with database security you may find of interest. As we uncover more links, we will provide them below.
General Resources