The rise of online transactions has led to the use of databases more than before. There has been rise in dynamic websites because, unlike the years of yonder where the database tools were oday, proprietary, there are good tools that are free and can be used to develop databases which are robust in nature and can handle data very efficiently. What is more, with the use of open source technologies and spirit, more people are using open source tools and technologies to develop databases with the least effort. Many of these databases are the source of information which is being circulated on the Internet, but who cares There have been online transactions including online banking, education, and online shopping. All these systems make extensive use of databases. The databases are no longer used to facilitate the storage of data alone they are also used to facilitate the working of these online systems.
Although the databases have proved to be of great benefit to the current information systems, there is a problem which is lurking and is a time bomb for the future systems. This is because the systems which are using these databases have insufficient security measures that they have put in place to counter any attacks that may be experienced in their system. With the coming up of cloud computing and being adopted by many organizations, the safety of the databases is of paramount importance to many orgnazisation (Kioskea). Also, the rise in computer fraud of late is enough reason to keep companies and IT professionals on their toes in databases security. Of late, computer hackers are no longer youngsters who are idling on the Internet but they are full time computer professionals who are aiming to get personal information so that they can use in online shops and online banks to wreck havoc to the owners of this personal information. The Information Technology is growing very fast and in that sense, there are a lot of personal data that are being posted to the Internet everyday and these data need to be protected from attack. Unfortunately, many companies are not aware of this threat and leave their information in the hands of unqualified staff that have less concern for this information.
IT background of the issue
There has been a lot of database use for most companies. This is due to the fact that database driven websites are more interactive as compared to the static websites. Another reason is that updating a static website is more cumbersome than that of a dynamic one. The reason is that for a dynamic website, one has to update the data in the database alone unlike that of a static website whereby one has to update each and every page that displays the data.
Most websites have databases in the background. The databases are accessed by a program that is called a web server.
A web server normally handles the transaction processes in the web system. the web server will include programs like IIS, and Apache server. There is a scripting program that serves the requests between the web server and the database. These scripting programs include PHP, and ASP. The structure of this system is shown in the diagram above.
The client represents the program that is used by the user to send requests to the database. An example is Mozilla, Google Chrome, and Internet explorer. The application server includes the programs like Apache and IIS. They are normally included with the scripting language in place. The structure is similar across lot web applications.
The use of technologies like AJAX has made the use of these databases even better. This is because with this technology the users can retrieve data from the database without the page refreshing. This saves time.
The Impact of the issue
With the increase in the use of databases, there is a risk that is bound to strike any time in the near future. This is because there is a lot of fraud that is going on in the Internet. most of the fraudsters target personal information that is stored in these databases. The rise in this trend can be attributed to the fact that there is a lot of revolution going on in the use of the Internet. of worth noting is the fact that there is the rise of Web 2.0 applications like online banking and shopping. These applications have given rise to hackers of all kinds to want for the personal information so that they use it to withdraw money from the users account. This is a serious issue that has been of great concern for many.
Another impact is that with this technology in place, it will be difficult to maintain the system because a database expert will be required to make any corrections to the system. some of the technologies that are associated with database processing are difficult to work on and will require only experts to configure and update it. This is costly to the organization because it will also mean that they get someone who is conversant to the systems.
Solution to problems arising from the use.
One of the solutions is that any organization should have a security policy that will be able to check on the security breaches and ensure that all the data are used and manipulated as per the stipulated policy.
The very basic of the security is authenticating network users and the equipment that log into the database. Unwanted external connections can be blocked by use of a firewall in software or hardware form. There should be resources access policy that defines who is authorized to access what within the organization. Systems with sensitive data should be kept offline and routinely checked to ensure they are secure. Any know software back door entry should be addressed including a routine security patch update from the software manufacturers.
Selected sources of references
Kioskea, Introduction to 3-Tier Architecture, httpen.kioskea.netcontentscscs3tier.php3, (1612013)
News item extract
Organizations are struggling to meet government standards and set out policies to ensure their data is secure and safe. This acquisition also helps the companies to reinforce their security measures.
Although the databases have proved to be of great benefit to the current information systems, there is a problem which is lurking and is a time bomb for the future systems. This is because the systems which are using these databases have insufficient security measures that they have put in place to counter any attacks that may be experienced in their system. With the coming up of cloud computing and being adopted by many organizations, the safety of the databases is of paramount importance to many orgnazisation (Kioskea). Also, the rise in computer fraud of late is enough reason to keep companies and IT professionals on their toes in databases security. Of late, computer hackers are no longer youngsters who are idling on the Internet but they are full time computer professionals who are aiming to get personal information so that they can use in online shops and online banks to wreck havoc to the owners of this personal information. The Information Technology is growing very fast and in that sense, there are a lot of personal data that are being posted to the Internet everyday and these data need to be protected from attack. Unfortunately, many companies are not aware of this threat and leave their information in the hands of unqualified staff that have less concern for this information.
IT background of the issue
There has been a lot of database use for most companies. This is due to the fact that database driven websites are more interactive as compared to the static websites. Another reason is that updating a static website is more cumbersome than that of a dynamic one. The reason is that for a dynamic website, one has to update the data in the database alone unlike that of a static website whereby one has to update each and every page that displays the data.
Most websites have databases in the background. The databases are accessed by a program that is called a web server.
A web server normally handles the transaction processes in the web system. the web server will include programs like IIS, and Apache server. There is a scripting program that serves the requests between the web server and the database. These scripting programs include PHP, and ASP. The structure of this system is shown in the diagram above.
The client represents the program that is used by the user to send requests to the database. An example is Mozilla, Google Chrome, and Internet explorer. The application server includes the programs like Apache and IIS. They are normally included with the scripting language in place. The structure is similar across lot web applications.
The use of technologies like AJAX has made the use of these databases even better. This is because with this technology the users can retrieve data from the database without the page refreshing. This saves time.
The Impact of the issue
With the increase in the use of databases, there is a risk that is bound to strike any time in the near future. This is because there is a lot of fraud that is going on in the Internet. most of the fraudsters target personal information that is stored in these databases. The rise in this trend can be attributed to the fact that there is a lot of revolution going on in the use of the Internet. of worth noting is the fact that there is the rise of Web 2.0 applications like online banking and shopping. These applications have given rise to hackers of all kinds to want for the personal information so that they use it to withdraw money from the users account. This is a serious issue that has been of great concern for many.
Another impact is that with this technology in place, it will be difficult to maintain the system because a database expert will be required to make any corrections to the system. some of the technologies that are associated with database processing are difficult to work on and will require only experts to configure and update it. This is costly to the organization because it will also mean that they get someone who is conversant to the systems.
Solution to problems arising from the use.
One of the solutions is that any organization should have a security policy that will be able to check on the security breaches and ensure that all the data are used and manipulated as per the stipulated policy.
The very basic of the security is authenticating network users and the equipment that log into the database. Unwanted external connections can be blocked by use of a firewall in software or hardware form. There should be resources access policy that defines who is authorized to access what within the organization. Systems with sensitive data should be kept offline and routinely checked to ensure they are secure. Any know software back door entry should be addressed including a routine security patch update from the software manufacturers.
Selected sources of references
Kioskea, Introduction to 3-Tier Architecture, httpen.kioskea.netcontentscscs3tier.php3, (1612013)
News item extract
Organizations are struggling to meet government standards and set out policies to ensure their data is secure and safe. This acquisition also helps the companies to reinforce their security measures.
No comments:
Post a Comment