Database

Database is an important entity for any organization to store, manage and analyze data efficiently using desired software application (Aveda, 2015). Databases can handle varying types of data ranging from finance, marketing, engineering, supply chain, project management, employee, or student records etc. with the ease of highly efficient processing methods. Database enable quicker visualization of useful trends and can be modified per the needs of the company or organization. In the absence of database, all the records need to be accessed, stored and analyzed manually which is highly inefficient in the light of today’s data burst.

Database is usually structured in rows and column format accessible through query language (Aveda, 2015). Different conditional clauses and conditions can be applied to fetch desired records and results in raw or aggregated form for further analysis or visualization.

Some of the advantages of database management system (DBMS) are (GGISolutions, 2011):

1. Reduced data redundancy

2. Fewer errors

3. Better data integrity

4. Easier data access

5. Enhanced data security

6. Lesser data entry, storage and retrieval cost

On the other hand, few shortcomings of DBMS are:

1. Upfront time required to design database

2. Substantial hardware and software costs

3. Database damage can impact all related applications

4. Training cost for all users

5. Conversion cost from file system to database

Challenges

In the past decade, very high volume of data has been generated from traditional and non-traditional sources in various forms (Fricke, 2015), thus giving rise to challenges in database management system like:

Growth of structured and unstructured data

Traditional data used to be in structured format handled easily using relational database systems however with the proliferation of social media data in the form of text, audio, video, pictures etc., unstructured data volume has grown significantly faster than structured data (Fricke, 2015). This gives rise to unique DBMS challenges which should be able to handle data with high velocity, variability and variety using NoSQL or other modern non-relational database systems.

Integration of data from varying sources

In the past, data was sourced from limited software and hardware but now data is sourced from internet-of-thing (IoT) devices, smartphones, web clicks etc. thus require efficient and robust mechanism to store in the database without loss of information (Fricke, 2015).

Cloud database

Cloud is yet another area burgeoning recently and has offered low upfront cost, highly scalable and elastic capacity solution to store, manage and provide services (Fricke, 2015). Database residing in cloud give rise to unique challenges like multi-tenancy, effective resource allocation, high availability etc.

Security

With the recent high-profile data breaches, security of database system is of utmost importance for an organization to prevent theft and fraud of information and at the same time protect loss of confidentiality, privacy, integrity and availability (Connolly & Begg, 2014). Any loss of data will risk in losing the trust of customer and credibility of organization.

Quality of Experience

Usually the performance of DBMS is measured with high throughput and low response time; however, there is an increasing demand of quality of experience (QoE) measure which conforms to customer’s expectation (Costa & Furtado, 2013). For instance, if one user runs the query on database and willing to wait 60 minutes but other users require results immediately; in this case DBMS doesn’t prioritize the output for the user requiring immediate results. With QoE system in place, users will be informed ahead of time the estimated processing time and empower end user to get result within say, 2minutes by processing only 80% records.

Security Breach Examples

Veteran’s Administration (VA) Theft

Information was stolen from employee’s home who improperly took the material home resulting in loss of name, social security number and date of birth information (UCSC, 2017).

The beach could have been avoided using below standard practices:

1. Lock down of workstations when unattended

2. Don’t leave sensitive information unattended

3. Encryption

4. Physical security

University of California Berkeley & Los Angeles Loss

Restricted database of UC Berkeley was attacked by hacker using public website on the same server resulting in a loss of names, SSN, health information etc. Similarly, UCLA security breach happened due to security flaw in one of the application (UCSC, 2017).

The loss of information at Universities could have been avoided with the help of trained professional checking for security vulnerabilities as well as to setup controlled access to secure and restricted databases.

Database Security Mechanisms & Solutions

All the databases have multiple aspects like hardware, network and software which is why each of these are vulnerable to varying threats (Connolly & Begg, 2014).

Hardware – natural reasons (flood, fire etc.), data corruption due to power fluctuation or loss, failure of security mechanism, equipment theft, physical damage, interference radiation etc.

Software – theft of program, failure of security mechanism, unregulated access etc.

Network – wiretapping, cable disconnection, interference or radiation

Some of the measure that can thwart the possible attack are:

Access Control

Control of access allow access to database restricted to only few who require on recurring basis (Connolly & Begg, 2014). Access control should be re-evaluated every few months to make sure that requirement to access data still exist or not. Access should be granted to only data which is needed instead of granting global access.

Authorization

Database administrator should setup individual user accounts and passwords to prevent unauthorized access of sensitive data and avoid breaches (Connolly & Begg, 2014).

Views

View table is another effective way of limiting access to raw background tables and display fields only which are required for operation (Connolly & Begg, 2014).

Backup and Recovery

Offline storage of complete database at a different location securely on a regular basis will help in successfully recovery in case data is lost due to hardware failure etc. (Connolly & Begg, 2014).

Encryption

If database store sensitive information than it is recommended to encrypt the data. Encryption will slow the performance of database but ensure protection while transferring data across networks as well as in case of data breach (Connolly & Begg, 2014).

Redundant Array of Independent Disks

RAID help in the event of hardware failure and system continues to run without any failure or down time thus improving the reliability of database (Connolly & Begg, 2014).

Reference

Aveda, S. (2015). What is the importance of database management system? Retrieved from https://www.linkedin.com/pulse/what-importance-database-management-system-scott-aveda

GGISolutions (2011). Important DBMS Questions for Final Exams. Retrieved from https://ggisolutions.wordpress.com/tag/need-of-dbms/

Fricke, P. (2015). How to address top challenges of database management. Retrieved from http://data-informed.com/how-to-address-top-challenges-of-database-management/

University of California Santa Cruz (2017). Security breach examples and practices to avoid them. Retrieved from https://its.ucsc.edu/security/breaches.html

Connolly, T. & Begg, C. (2014). Database Systems: a practical approach to design, implementation, and management (6th ed.). Upper Saddle River, NJ: Pearson.

Costa, R. & Furtado, P. (2013). Providing quality of experience for users: the next DBMS challenge. IEEE Computer, 86-93, 46(9)