Respond to each discussion point.

Discussion 1 – Senior IT management and General Management should be very familiar with database security generally and with particular issues like SQL injection. DBAs, database designers, and database users should also be familiar with database security and be able to identify issues. The Top and Senior IT managers should take the lead in building processes that will lessen the likelihood of any SQL injection becoming successful and mitigate damage. In my current job I have not been affected by database security, but I do work with DBAs who have been affected by database security. In my current job I work as a liaison between the project managers and the actual product or application functional. Most of the applications do utilize databases and require policies and processes in place to maintain. I also have experienced Senior IT management conducting scheduled audits and random spot checks to verify system and database status. Additionally, they use monitoring and intrusion-detection tools that routinely log computer activity on our networks and highlight patterns of suspicious activity, changes in software, or patterns of communication and access.

Discussion 2 – Senior IT management can suggest a strict policy for handling sensitive data. Every organization needs to truly separate its sensitive and non-sensitive data to outline a strict process/policy for handling important information. Corporate data can be divided into public, private and restricted, for which security measures can be passed accordingly. Public data requires minimal security, private data needs to be handled cautiously, and in the case of restricted data employees should be given access on a need basis only.
The database administrator focuses on password security; especially while adopting different network security devices, some organizations often end up just ignoring the basic security mistakes. In most cases, employees use weak passwords to protect data in their system and end up making them vulnerable to malicious attacks, which makes it important to improve password security practices by providing enhanced security training to employees. The best example will be password management applications, that companies can benefit from the rollout of a password.
The database designer’s main task is to prevent any kind of breach, such as SQL injection attacks, by maintaining the user’s input, identifying the essential SQL statements, and establishing a “whitelist” for all valid SQL statements, leaving unvalidated statements out of the query. This process is known as input validation/query redesign. Sanitize the data by limiting special characters; SQL attackers can use unique character sequences to take advantage of a database.

Discussion 3 – Top management and Senior IT management have to be aware of the impact of database security breaches and issues like SQL injection. Any modifications to the confidentiality, integrity, and availability of the info stored within the database directly impact the organization’s reputation and result in financial loss. Thus, the highest management of the company must understand the chance of improper database security practices. Coming to the database administrator and database designer, people in these positions should have an intensive understanding of the database structure and best practices for the data’s security. To mitigate attacks like SQL injection, the database designer and administrator must remember parameterized queries and always create views to disclose selected data. Input validation and sanitization are a requirement.
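
The controls named in Discussions 2 and 3 (parameterized queries, a view that discloses selected data, and a whitelist of valid input) are shown together in the following added example, which is not part of any of the posts above. It uses Python's built-in sqlite3 module; the table, view, column and function names and all rows are constructed for illustration.

```python
import sqlite3

SORTABLE = {"name", "email"}  # whitelist: identifiers cannot be bound as parameters


def make_db():
    """Build an in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE customers (
            id INTEGER PRIMARY KEY, name TEXT, email TEXT, card_number TEXT);
        INSERT INTO customers (name, email, card_number) VALUES
            ('alice', 'alice@example.test', '4000-0000-0000-0001'),
            ('bob',   'bob@example.test',   '4000-0000-0000-0002');
        -- The view discloses only the non-sensitive columns.
        CREATE VIEW customer_directory AS
            SELECT id, name, email FROM customers;
    """)
    return db


def view_columns(db):
    """Column names an application restricted to the view can see."""
    cur = db.execute("SELECT * FROM customer_directory")
    return [d[0] for d in cur.description]


def lookup_unsafe(db, name):
    # Weak form: user input is concatenated into the statement text,
    # so a quote in the input changes the structure of the query.
    sql = "SELECT name, email FROM customer_directory WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()


def lookup_safe(db, name, sort_by="name"):
    # The sort column is checked against the whitelist before use.
    if sort_by not in SORTABLE:
        raise ValueError("sort column not allowed")
    # Hardened form: the value is bound with ?, so it is always data.
    sql = f"SELECT name, email FROM customer_directory WHERE name = ? ORDER BY {sort_by}"
    return db.execute(sql, (name,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    hostile = "x' OR '1'='1"  # constructed input containing quotes
    print("view columns:", view_columns(db))
    print("unsafe rows:", len(lookup_unsafe(db, hostile)))
    print("safe rows:", len(lookup_safe(db, hostile)))
```

The bound parameter handles values only, which is why the sort column goes through the whitelist instead; the view keeps `card_number` out of reach even when a query is wrong.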