Computing Reviews
Securing SQL Server : protecting your database from attackers (3rd ed.)
Cherry D., Syngress Publishing, Waltham, MA, 2015. 462 pp. Type: Book (978-0-128012-75-8)
Date Reviewed: Dec 11 2015

Securing data is one of the main components of the Internet. Data security is one of the most important strengths of an organization, because many organizations would not have any value without it. This book offers solutions in this direction. It covers aspects ranging from the security requirements of databases to methods and techniques for securing them.

In a clear and concise style, with well-founded and exemplified pieces of information, the book’s 15 chapters allow readers to identify and analyze a range of solutions for securing databases. This book is recommended to students as well as database administrators and staff. After reading it, users will better understand the security risks of database systems and the roles of security policies and security methods. Readers will find in this book a practical benchmark for securing databases.

The chapters are presented such that they can be read in any order, saving the reader time, and are easy to understand because of the book’s technical, concise writing. The first chapter identifies and briefly describes database security requirements. The second chapter talks about controlling external access through firewalls and the network topology. Some of the encryption keys in Microsoft SQL Server are discussed in chapter 3. Chapter 4 looks at different database encryption techniques and algorithms, along with a comparison of client- and server-side techniques. The fifth chapter moves the discussion to application roles within SQL Server, as well as using Windows policies for password strength.

The next chapter discusses security at the instance level, as well as securing access to database tables using stored procedures. Chapters 7 and 8 present SQL Server Analysis Services (SSAS) and SQL Server Reporting Services (SSRS). Chapter 9 talks about the problem of SQL injection attacks and how to defend a database against them. The tenth chapter covers maintenance plans, including backup encryption and naming the backups with date or time flags.

The next chapter presents the different storage arrays and network switches. In chapter 12, readers will find information about login auditing, data query, and data modification auditing. Chapter 13 describes the operating system (OS) rights that users should have. The last two chapters review the various permissions that are needed to maintain a highly secure database system. Finally, the appendix provides readers with very useful checklists regarding Payment Card Industry Data Security Standard (PCI DSS), Sarbanes–Oxley Act of 2002 (SOX), and Health Insurance Portability and Accountability Act of 1996 (HIPAA) audits.

The book is a real challenge for readers, because of the main topic addressed (database security) and because of the beneficial way in which the author combines the concepts and thus contributes to a better understanding of these issues.


Reviewer: Eugen Petac
Review #: CR144015 (1602-0096)
Security, Integrity, And Protection (H.2.7 ... )
 
 
SQL Server (H.2.4 ... )
 
 
Reference (A.2 )
 