A database administrator, or DBA, plays a critical role in managing the databases of an organization. Learn about the various roles of a DBA and the tools used to keep data safe and secure.
Imagine it’s the first day of class in college, and you sit down for the first lecture. Your professor walks in and makes an announcement:
‘Welcome back after the summer everyone. I have to start off with some bad news. Due to a glitch in the university’s database, all grades and credits from last semester have been lost. I’m sorry, but we are going to have to do last semester all over again. Now open your book on page…’
That would be disastrous, right? Could you imagine? How could the university lose all that information? Luckily, these things almost never happen. The important question really is: How can we prevent this from happening? Who is responsible for keeping all the data secure in an organization? That would be the database administrator, or DBA.
Keeping data secure is only one of the roles of the DBA. The typical tasks of a DBA include:
- Controlling access to the database, including creating logins for users and setting roles for each user. Some users may only need to query the data, while others are involved in entering new data.
- Providing support services to the end users, such as making sure all users know how to use the database.
- Managing procedures for backup and recovery of data, in case of errors made by users or system crashes. You don’t want to lose all the valuable data just because the power went out.
- Ensuring data integrity, which means that data are complete, accurate and current for the tasks at hand.
- Controlling data security, including preventing unauthorized access to the data and protecting against other security threats.
- Setting data privacy, which means that only authorized individuals are able to see certain data. For example, there is no need for everyone in the organization to be able to see all the personnel files of all the employees.
Several of these tasks go hand-in-hand. For example, carefully controlling access to the data helps to implement data security and data privacy policies.
Databases face a number of security threats. Many of these threats are common to all computer systems, but large databases in organizations are particularly vulnerable because they often contain sensitive information and are used by many different people.
One of the basic threats is data loss, which means that parts of a database can no longer be retrieved. The earlier scenario where the university lost part of their records has disastrous consequences.
This could be the result of physical damage to the storage medium, like fire or water damage, human error or hardware failures. Every single computer system is to some degree vulnerable, so a common strategy employed by DBAs is to create multiple backups on different computer systems. So if one system were to fail, the data is still secure somewhere else.
Another security threat is unauthorized access. Many databases contain sensitive information, and it could be very harmful if this information were to fall in the wrong hands. Imagine someone getting a hold of your social security number, date of birth, address and bank information. It would be relatively easy for someone to open up a credit card under your name and start spending without your knowledge.
Getting unauthorized access to computer systems is known as hacking. Computer hackers have developed sophisticated methods to obtain data from databases, which they may use for personal gain or to harm others. Have you ever received an e-mail with a notification that you need to log in to your credit card account with a link for you to follow? Most likely, this is a hacker trying to obtain your login details, so be careful.
A third category of security threats consists of viruses and other harmful programs. A computer virus is a computer program that can cause damage to a computer’s software, hardware or data. It is referred to as a ‘virus’ because it has the capability to replicate itself and hide inside other computer files. There are many types of viruses, and new ones are being developed all the time.
Once a virus is present on a computer, it typically performs some type of harmful action, such as corrupting data or obtaining sensitive information. Computer viruses are one type of malware, short for ‘malicious software.’ Malware is used by attackers to disrupt computer operation. In addition to computer viruses, this includes spyware (used to collect information about a person without their knowledge), adware (used to display advertising) and Trojan horses (used to create unauthorized access to someone’s computer).
One of the most common ways to get a virus on your computer is to download a file from the Internet that is infected. So if you get an e-mail from someone you don’t know with a file attached to it, be careful opening up these attachments. As the database administrator of your own computer, you should use some type of anti-virus software.
One of the primary tasks of a DBA is to keep databases secure. This can be accomplished, for example, by restricting access to certain users, controlling what each user can do and running anti-virus software.
Another way to keep databases safe is to use encryption. This is often used when data is transferred over the Internet, where it could be potentially seen by others. Encryption is the process of encoding messages so it can only be viewed by authorized individuals. An encryption key is used to make the message unreadable, and a secret decryption key is used to decipher the message.
Encryption is widely used in systems, like e-commerce and Internet banking, where the databases contain very sensitive information. If you have made purchases online using a credit card, it is very likely that you used encryption to do this.
There is one other major strategy to improve database security, which is to use a firewall. A firewall consists of software and hardware set up between an internal computer network and the Internet. A computer network manager sets up rules for the firewall to filter out unwanted intrusions.
These rules are set up in such a way that unauthorized access is much more difficult. A DBA can decide, for example, that only users within the firewall can access a particular database or those outside the firewall have limited capabilities to modify the data. You can also set up a firewall for your own computer, and on many computer systems, this is built into the operating system.
Database management is typically the responsibility of a database administrator, or DBA. The roles of a DBA include controlling access to the database, providing support services to the end users, managing procedures for backup and recovery of the data, ensuring data integrity, controlling data security and setting data privacy.
Specific security threats include data loss, unauthorized access and computer viruses. Tools to ensure database security include encryption and using a firewall. You can be the DBA of your own computer system by being cautious with e-mails from people you don’t know, running anti-virus software and setting up a firewall.
After watching this lesson, you should be able to:
- Describe the roles of a database administrator (DBA)
- Explain some of the security threats that databases face
- Define malware and name some of the different types
- Summarize some of the methods for ensuring database security