Solved

Where is your data?

Posted on 2011-03-25
5
350 Views
Last Modified: 2012-05-11
I attended a good speech the other day on database security and one issue the guy asked was whether folk knew where their data was. I think some folk have a one dimensional view that data resides in the MS-SQL, Oracle DB and no where else.

As DBA’s can you give me a big list of everywhere corporate data for a specific system can go/end up. For example at a top level if you ask me you information system

1)      gets/obtains data (online forms, data feeds, data extracts)
2)      stores it and makes it available to the end user via some GIU (web app, intranet app, report viewer i.e. crystal)
3)      exports data/processes it further (reports, test databases, extracts, backups)

Are there any more stages? Also where can your data come from? Some systems can obtain the data via online forms, but there must be other apps that get data from other means, i.e. not directly from the user.

Can you give me some examples in the lifecycle of database/information system, everywhere that “data”, intended for the database, can reside in your IT environment? From one extreme to the other, any where data could be stored in the IT environment for stages 1, 2, or 3.
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 4

Expert Comment

by:davehilditch
ID: 35215175
I would add message queues into the mix - think enterprise service buses.  When it comes to security, i'd add in excel, emails, print outs, flat files etc as people often use these systems when looking at or dealing with data.
0
 
LVL 3

Author Comment

by:pma111
ID: 35215237
Hi Dave, not familiar with:

"message queues into the mix - think enterprise service buses."

Can you clarify in lay persons terms?
0
 
LVL 3

Author Comment

by:pma111
ID: 35215244
And flat files?
0
 
LVL 4

Accepted Solution

by:
davehilditch earned 200 total points
ID: 35215928
A message bus is an asynchronous way of sending data between services which can be on completely different platforms.  e.g. you could have data being generated by a variety of different mechanisms and they all stick their data onto the bus/queue.  Then you configure listeners to pick up and retrieve/make use of this data.

See here for more info - http://msdn.microsoft.com/en-us/library/ff647328.aspx

or here - http://en.wikipedia.org/wiki/Enterprise_service_bus

re: flat files, they are just files outside of the database.  e.g. someone connects to sql server and exports all of a particular tables data to a .txt or .csv file.
0
 
LVL 4

Expert Comment

by:davehilditch
ID: 35215940
also, really depending on how tight you want your security to be, but if someone has emailed data then the email will reside in multiple places - the sender, the exchange server (or similar) and the target destination.  On top of that, if you have indexing services on your computer (such as google desktop) then the contents of the files will also be in those indexes.
0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Microsoft Access is a place to store data within tables and represent this stored data using multiple database objects such as in form of macros, forms, reports, etc. After a MS Access database is created there is need to improve the performance and…
Via a live example, show how to setup several different housekeeping processes for a SQL Server.
Viewers will learn how to use the UPDATE and DELETE statements to change or remove existing data from their tables. Make a table: Update a specific column given a specific row using the UPDATE statement: Remove a set of values using the DELETE s…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question