Security assessment of databases
Matero, Kalle (2020)
2020
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2020112524246
https://urn.fi/URN:NBN:fi:amk-2020112524246
Tiivistelmä
Database security is playing an increasingly central role in organizations today. Databases contain the most important and sensitive data. In this research, a security assessment of several different databases for a public actor is implemented.
The research was an empirical research put into effect as a qualitative case study. A semi-structured thematic interview method was used to obtain the research material.
The research approached database security assessment from the perspective of database administrators. The level of security of different databases was assessed as well as the level of awareness of database administrators. The research also examined how well the interview study is suitable for a light internal audit process. Katakri was used as a frame of reference.
As the result of the research, more different and important observations from different starting points were obtained than expected. The research assignment and research questions were processed and valuable material was provided for the client for several different purposes.
In conclusion, the importance of common practices and processes as well as transparency in security questions was highlighted. Raising the security related awareness of database administrators requires cooperation and common practices between all the related teams in the organization. The organization’s demands and plans have to be clear for everyone. When the demands are clear, it is easier to work together according to plan. The importance of data classification was also clearly emphasized in the research. The interview research was found to be an excellent method for internal audit process.
The research was an empirical research put into effect as a qualitative case study. A semi-structured thematic interview method was used to obtain the research material.
The research approached database security assessment from the perspective of database administrators. The level of security of different databases was assessed as well as the level of awareness of database administrators. The research also examined how well the interview study is suitable for a light internal audit process. Katakri was used as a frame of reference.
As the result of the research, more different and important observations from different starting points were obtained than expected. The research assignment and research questions were processed and valuable material was provided for the client for several different purposes.
In conclusion, the importance of common practices and processes as well as transparency in security questions was highlighted. Raising the security related awareness of database administrators requires cooperation and common practices between all the related teams in the organization. The organization’s demands and plans have to be clear for everyone. When the demands are clear, it is easier to work together according to plan. The importance of data classification was also clearly emphasized in the research. The interview research was found to be an excellent method for internal audit process.