Solved

Where is your data?

Posted on 2011-03-25
5
337 Views
Last Modified: 2012-05-11
I attended a good speech the other day on database security and one issue the guy asked was whether folk knew where their data was. I think some folk have a one dimensional view that data resides in the MS-SQL, Oracle DB and no where else.

As DBA’s can you give me a big list of everywhere corporate data for a specific system can go/end up. For example at a top level if you ask me you information system

1)      gets/obtains data (online forms, data feeds, data extracts)
2)      stores it and makes it available to the end user via some GIU (web app, intranet app, report viewer i.e. crystal)
3)      exports data/processes it further (reports, test databases, extracts, backups)

Are there any more stages? Also where can your data come from? Some systems can obtain the data via online forms, but there must be other apps that get data from other means, i.e. not directly from the user.

Can you give me some examples in the lifecycle of database/information system, everywhere that “data”, intended for the database, can reside in your IT environment? From one extreme to the other, any where data could be stored in the IT environment for stages 1, 2, or 3.
0
Comment
Question by:pma111
  • 3
  • 2
5 Comments
 
LVL 4

Expert Comment

by:davehilditch
ID: 35215175
I would add message queues into the mix - think enterprise service buses.  When it comes to security, i'd add in excel, emails, print outs, flat files etc as people often use these systems when looking at or dealing with data.
0
 
LVL 3

Author Comment

by:pma111
ID: 35215237
Hi Dave, not familiar with:

"message queues into the mix - think enterprise service buses."

Can you clarify in lay persons terms?
0
 
LVL 3

Author Comment

by:pma111
ID: 35215244
And flat files?
0
 
LVL 4

Accepted Solution

by:
davehilditch earned 200 total points
ID: 35215928
A message bus is an asynchronous way of sending data between services which can be on completely different platforms.  e.g. you could have data being generated by a variety of different mechanisms and they all stick their data onto the bus/queue.  Then you configure listeners to pick up and retrieve/make use of this data.

See here for more info - http://msdn.microsoft.com/en-us/library/ff647328.aspx

or here - http://en.wikipedia.org/wiki/Enterprise_service_bus

re: flat files, they are just files outside of the database.  e.g. someone connects to sql server and exports all of a particular tables data to a .txt or .csv file.
0
 
LVL 4

Expert Comment

by:davehilditch
ID: 35215940
also, really depending on how tight you want your security to be, but if someone has emailed data then the email will reside in multiple places - the sender, the exchange server (or similar) and the target destination.  On top of that, if you have indexing services on your computer (such as google desktop) then the contents of the files will also be in those indexes.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives bas…
When it comes to protecting Oracle Database servers and systems, there are a ton of myths out there. Here are the most common.
This video shows how to recover a database from a user managed backup
Viewers will learn how to use the SELECT statement in SQL to return specific rows and columns, with various degrees of sorting and limits in place.

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question