A database administrator typically has access to all of the data in a database. This could include sensitive information such as salaries and bonuses. Select a database administrator that you can trust, and consider separating out the roles of the database administrator and the security administrator so that no one individual has access to all of the information in your environment.
7. Safeguarding Database Accounts
Ensure that all database accounts have passwords set on them. Consider implementing a strict password policy that requires the use of a combination of upper- and lowercase characters as well as numbers, as these are harder to crack. Ensure that unused accounts are removed immediately, for example, when an employee leaves, and remove system accounts such as "guest" and "test" accounts before the system goes live.
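As an added example (not part of the original article), the account checks above as they could be carried out on MySQL 8.0, one of the open source databases discussed later in the article. The account names 'guest', 'test' and 'j_smith' are placeholders, not from any real deployment.

```sql
-- Added example for MySQL 8.0: audit and harden database accounts.
-- Account names below are placeholders, not from any real deployment.

-- 1. Find accounts with no password set, anonymous accounts, and leftover
--    sample accounts. On MySQL 8.0 an empty authentication_string means the
--    account can log in without a password.
SELECT user, host, plugin, account_locked, password_expired
FROM mysql.user
WHERE authentication_string = ''
   OR user = ''
   OR user IN ('guest', 'test');

-- 2. Remove anonymous and sample accounts (and the sample database)
--    before the system goes live.
DROP USER IF EXISTS ''@'localhost', ''@'%';
DROP USER IF EXISTS 'guest'@'%', 'test'@'%';
DROP DATABASE IF EXISTS test;

-- 3. When an employee leaves, lock the account first (it stays visible for
--    review), then drop it once nothing depends on it.
ALTER USER 'j_smith'@'%' ACCOUNT LOCK;
DROP USER 'j_smith'@'%';

-- 4. Enforce a password policy server-wide: minimum length, mixed case and
--    digits, plus a maximum password age for every account.
INSTALL COMPONENT 'file://component_validate_password';
SET PERSIST validate_password.policy = 'MEDIUM';   -- length, mixed case, digits, special chars
SET PERSIST validate_password.length = 12;
SET PERSIST validate_password.mixed_case_count = 1;
SET PERSIST validate_password.number_count = 1;
SET PERSIST default_password_lifetime = 90;        -- days before a password must be changed

-- 5. Verify that no password-less or anonymous account remains;
--    this query should return no rows.
SELECT user, host
FROM mysql.user
WHERE authentication_string = '' OR user = '';
```

Run the audit query again after any account change, since a restored backup or a reinstalled sample schema can quietly bring a removed account back.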
8. Backing Up Isn't Hard to Do
We all know that if you have up-to-the-minute backups of your data you'll never need them, and that it's always the information you haven't backed up that will be accidentally deleted or otherwise lost. Databases should be backed up on a daily basis, and database journaling should be used so that in the event of a failure the environment can be restored to exactly how it was before disaster struck. We read horror stories in the press every day about database tapes containing sensitive information being lost or stolen. Database backup tapes or disks should be stored, tracked and accounted for like any other valuable asset in your business. Given that your entire database environment can be recreated from the backup media, it is important that all database backup media be securely erased or physically destroyed at the end of its useful life.
9. Disaster Planning
It's always best to assume Murphy's Law when planning for a disaster in your environment. Prioritize your database applications and determine how long your business could afford to be without any one of them, what process would be put in place to replace them temporarily, and how much you would be willing to spend to ensure their continued operation. Database technologies are very sophisticated and include the ability to configure a standby machine that will automatically take over when your primary machine fails, or to keep an exact copy of your database in another location that can be used in the case of a wider disaster such as a power failure or communications failure. There are costs associated with putting these failsafe measures in place, but these often pale into insignificance when compared to the losses that could result from a failure in the environment.
10. Open Source Databases
Open source databases have matured to the point where they're no longer used solely by hobbyists, but also by big business, governments and academic institutions. Open source databases like Ingres and MySQL have proven themselves in large-scale environments such as Lufthansa Airlines and Google, along with government environments such as the National Center for Missing & Exploited Children (NCMEC), the German Federal Institute for Geosciences and Natural Resources (BGR), and the Pacific States Marine Fisheries Commission. They provide the same level of performance, scalability, security and usability as their prohibitively expensive closed source counterparts such as SQL Server or Oracle. Open source software is less expensive to deploy as it has no license fees associated with it, but users can purchase 24x7 support subscriptions if they choose.