Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Controlling Access to Sensible Data

Verified

Added on 2019/12/03

AI Summary

This content discusses the importance of non-technical security measures in managing database threats. It highlights the need for enterprises to hire experienced security professionals and adopt defensive matrices to protect their databases from internal and external threats. Additionally, educating employees through training programs can help raise awareness about database security and its importance. The content concludes that information management is crucial for every organization, and various strategies must be implemented to manage risk and avoid threats.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Information Management System
1

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

Table of Contents
INTRODUCTION ...............................................................................................................................4
Concept of Database Management System (DBMS)......................................................................4
Technical responsibilities of database administrator ......................................................................5
Requirements of data storage and information gathering in organizations.....................................6
Use of gather information in managerial decisions.........................................................................8
Strategies used by the organizations to deal with security threats in information and database ....8
CONCLUSION .................................................................................................................................10
References...........................................................................................................................................11
2

Illustration Index
Illustration 1: Database Management System......................................................................................4
Illustration 2: Process of Database Management System in an organization ......................................5
3

INTRODUCTION
In general terms, Information Management System (IMS) is a kind of software which has
been developed to provide facilities to the organizations to store manage and use the sore
information as per the requirements. The following system had been built by IBM which delivers
high level of security, scalability, availability and performance to different types on industries
(Rouse, 2007). The following study is prepared on IMS with the purpose of explaining the
importance of this system in organizations for dealing with security issues and managing the
database. The themes that will be covered by the present research are concept of database
management, need and essentialness of database system in the enterprises; use of store data in
managerial decisions and roles and responsibilities of database administrator.
Concept of Database Management System (DBMS)
Before understanding the concept of DBMS, it is important to know what is database. It is a
logical collection of information which defines variables and their interrelationship with the each
other (Rouse, 2007). DBMS is software of computer systems for developing and managing the
database of the entire corporation. It is user friendly software and allows the users as well as
programmers to create, recover, update, delete and manage the information in a systematic manner.
It is essential system which helps in creating the interface between the users and database. It is also
ensure that, the collected data should be well organized and easily accessible (Rouse, 2007).
4
Illustration 1: Database Management System
(Source: CHOWDAM, 2009)

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

The important things of DBMS are the data, database engine and database schema which
allows complete data integration and security to the users. It also support in change management,
monitoring the performance of system, backup of the information and helps in recovering from big
loss (Rouse, 2007). In the present time, there are many types of DBMS system which also assist the
organizations in auditing process. It provides centralized view of information which can be easily
accessed by large number of users at a same time from different locations. The most important
feature or a benefit which is provided by the facility is taking the review of the store information in
many formates (Rouse, 2007). The database users in any company are database administrators,
database designers and end users. The common languages used in DBMS are data definition
languages, data manipulation language and structured query languages. The application areas where
DBMS can be used are banking, airlines, sales, manufacturing, human resource management and
universities.
Technical responsibilities of database administrator
Database administrator is an IT professional person who is responsible in ensuring about
integrity of data, monitor and evaluating the performance of system and check the security of
database within the organization (Galliers and Leidner, 2014). The following person performs duties
and other activities to manage the information in an appropriate manner. The role played by
5
Illustration 2: Process of Database Management System in an organization
(Source: Database Management System. 2010)

database administrator is to develop and design strategies for database management, monitoring the
system and ensuring the working of software as well as developing the plan using system according
to the requirements. To perform duties of database administrator, there are certain skills which are
required such as good communication skills, complete and deep knowledge of database theory and
design, understand the distributed computing architectures, able to perform the work on different
types of OS and having better understanding of information storage and its management (Van,
Turoff and Hiltz, 2014).
The role of database administrator varies from industry to industry and organization to
organization. But there are some activities which are needed to be performed by database
administrator as a primary work. The common technical responsibilities of database administrator
are as follows.
 Taking the backup of the data and recovering the information during failure system.
 Install and configure the Oracle Software in the computer systems.
 Creation of new database (Deeper, 2006).
 Designing of database schema and required database objects according to requirements and
future needs.
 Development of optimal application SQL (structured query languages).
 Ensuing the database security and implementing the DBMS to store and manage the
information.
 Woking with application developers and system administrators to ensure that the present
DBMS meet all the requirements of the organization.
 Updating the existing DBMS as per the requirements with complete security (Deeper, 2006).
Requirements of data storage and information gathering in organizations
In the present time, the need of the data storage and information gathering in both small and
large enterprises are increasing with the time. The rise of amount of information and data put
pressure on the organizations to adopt various kinds of storage strategies, methods and technologies
(Singer, 2012). Information cannot be considered as a data because it has been collected from the
observation and it is unstructured in nature. When the available information processed and is
converted c into meaningful form then it is called as data (Abdo, Meister and Ryerson, 2012).
Data and information, both are important for every kind of organization because it help in
taking different types of business decisions and formulating various policies. Therefore, it is more
important to gather, manage and store available information in an appropriate manner. Storage is an
important part of the organization and from the research, it has been found that about 2.5 quintillion
bytes of data has been created every day in every company in which 90% are unstructured (Singer,
6

2012). These types of information are generally related to customer sales interactions, firm’s
logistics information, communication between the business partners as well as vendors and
customer database. There are several reasons which influence enterprises and generate requirements
of data storage and information gathering which are as follows.
Compliance with the law: Every year, each organization has to conduct audits at their workplace
(Abdo, Meister and Ryerson, 2012). These audits are financial, operational, department, human
resource, information audit etc. Therefore, to organize internal as well as external audit, the
different types of information and data are required. In this situation, it is needed to gather from the
respective department by using the standard format. If the corporations are not using appropriate
information collection process and then it will not be possible to conduct different audits (Abdo,
Meister and Ryerson, 2012).
Data hygiene: It is not possible for corporations to keep the records of all types of data in the right
manner. Even electronic systems are not always feasible to store the data because they are having
finite capacities to save the information. In this regard, the need for storage and gathering of
information is required in companies.
New laws: For developing new policies and laws for the employees, a proper information and data
collection and gathering is important. For example, for providing the flexibility in selection of
working time by the workers a company has to know the reasons which can justify need of
requirements of flexible working hours. So, for this, proper information has to be gathered and
analysed in the appropriate way. Therefore, for developing new laws, the requirements of
information gathering have been raised (Abdo, Meister and Ryerson, 2012).
Adopting new business practices: With the time, every company is required to adopt new business
practices for taking the competitive advantages and bringing growth in business. For example, the
firm wants to change the method of promotion of product and services for target market. In this
context, it is needed to know what are the lacking areas and reasons which affect the promotional
strategies (Abdo, Meister and Ryerson, 2012). Therefore, the management has to conduct meetings
to identify the reasons of poor and ineffective promotion of product. By doing this, the new options
can be raised for making the promotion more effective and attractive for the users. So, the gathered
information and data help the organizations to adopt new business practices.
Rather than the above stated reasons, there are several other needs where the corporations
are required to gather the information and store data such as to organize training and development
for the employees, reducing cost of the final product, minimizing the liabilities, overcoming the risk
of data loss etc (Abdo, Meister and Ryerson, 2012).
7

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

Use of gather information in managerial decisions
Decision making is a cognitive method which is used in selection of appropriate action from
the available options (Conde and et.al., 2014). It is an important part of every company to take day
to day decisions. These daily bases decisions are taking on the basis of available information.
During the decision making process, organization has to ensure that the required information should
be collected, sorted and manage. The proper decisions can be taken within minimum time without
affecting operational activities of business.
There are different types of managerial decisions which are taken by the enterprises such as
programmed and non programmed decisions, organizational decisions; routine and strategic
decisions etc (Mithas and Sambamurthy, 2011). For taking these types of decisions, a proper
collection of information and data is needed. If any information is missing during the decisions
making process then, it well ruin all efforts of management and increase the chances of failure of
the strategy.
The usefulness of gathering information in managerial decisions can be understood by an
example. The effective management of the organization operations depend on the available
information in the hand (Xu, 2011). If the firm wants to gain competitive advantages in the market
and increase market share as compare to the rival parties then it is needed to collect required
information. In this regard, the management has to gather the past sales data and analyse current
market demand of their products (Bloom, 2014). After this, the needs, expectations and complains
of the customers from the services have to be determined. By collecting all these information, a
proper analysis is required to reach at a particular result. Afterwards this, the management of the
company can take managerial decision for developing strategies to gain the competitive advantages
of the market competition as well as increased market share. From the above stated example, it has
been clear that the gathered information and data have been used in managerial decisions in the
enterprises (Catthoor, 2013).
Strategies used by the organizations to deal with security threats in information and database
Every organization is having the computer system which is used to save sensitive
information and manage them in the right order. Security threat is a danger which generally occurs
due to the breach of security and harms the data (Imperva, 2014). At the time of performing various
business operations, the firms have faced different kind of security threats such as viruses, worms,
spyware, trojans, etc. But when the company adopt database system for information storage and
management then there are numerous security threats which may harm the data (Imperva, 2014).
When hackers are trying to access the sensitive data and information of the firm, that time they can
8

extract some important information from the system and use it for their personal benefits. The
common database security threats are Excessive and unused privileges, Malware, Input injections,
Storage media exposure, Denial of services, Weak audit trail etc (Imperva, 2014).
There are various strategies by which the organizations can deal with different types of
security threats of information and database which are as follows.
Discovery and assessment: This strategy is used in that situation when database assailable and
critical data reside (Imperva, 2014). In these conditions, input injections and Malware are the
common threats which may harm the database and stole the information from the system. In this
state, a procedure has to be adopted by companies which can help in identifying those areas which
are easily accessible and face weak authentication. Along with this, by just categorizing the
information into more to less sensitive terms, it can be easy to secure database and its information
(Imperva, 2014).
User right management: In this strategy, management of the firm have to manage the right of the
users according to the organization structure. It helps in overcoming the excessive rights of the
employees to access the information. Along with this, the management can also use different
systems such as using the passwords or login method on those database which are more sensitive
and important for the business (Imperva, 2014).
Monitoring and blocking: By monitoring the suspicious activities on the system by using patterns
in real time to detect leakage of information, the database security threats towards the store
information can be minimized. Along with this, by blocking the malicious web request, the input
rejection database security attack can be reduced. On the other hand, by allowing the limited
connections with the server, the information can be secured from the outsiders (Imperva, 2014).
Auditing: By implementing DAP solutions, the scalability and security of the data can be managed
by the organizations. This solution helps in capturing the details of transactions of information from
one system to another. Along with this, it also assists the firms in preparing the reports for auditing
purpose and monitoring the performance of the existing system (Imperva, 2014).
Data protection: For protecting the data for long time, it is important to save the information in
various locations in different forms. This can be recovered in the case of loss or breakdown of the
system to affect the operational activities of the business. By using Encrypt Database, a
heterogeneous environment can be created for the present information. It allows the organizations to
secure original and backup of the information to control access of the sensible data from the
outsiders (Imperva, 2014).
Non-technical security: By hiring the experiences security professionals, the enterprises can take
the defend actions against the probability of internal and external database threats. With the help of
9

this, the management can easily control over access of the information by employees and other
people. On the other hand, by adopting the defensive matrix in the organizations, the management
can easily protect database and its information from the different types of security risk. Along with
this, by educating the workers with the help of training, the importance of database security and
threats can be explained in more appropriate manner (Imperva, 2014).
CONCLUSION
From the above study, it can be concluded that information management is an important
requirement of every kind of organization. Many of the companies have used different kind of
database management system to store, manage and retrieve the information to protect from any kind
of harm. There are various reasons which generate the requirements of data storage and information
gathering. This data help in taking managerial decisions and formulate various business policies.
There are numerous kinds of roles and responsibilities played by database administrator in the every
company. During performing operational activities, there are different types of information of
business activities which are required to save at proper location and set format. In this situation, it is
needed to store them in a proper manner by minimizing the risk of security threats. But, in the case
of increase the risk of attack of database security threats, the various strategies have to be followed
to manage risk and avoid threats.
10

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

REFERENCES
Books and Journals
Bloom, N., 2014. The distinct effects of information technology and communication technology on
firm organization. Management Science. 60(12). pp. 2859-2885.
Catthoor, F., 2013. Custom memory management methodology: Exploration of memoryorganisation
for embedded multimedia system design. Springer Science & Business Media.
Conde, M. and et.al., 2014. An evolving Learning Management System for new educational
environments using 2.0 tools. Interactive Learning Environments. 22(2). pp. 188-204.
Galliers, R. D. and Leidner, D. E., 2014. Strategic information management: challenges and
strategies in managing information systems. Routledge.
Mithas, S. and Sambamurthy, V., 2011. How information management capability influences firm
performance. MIS quarterly. 35(1). pp. 237.
Van, B., Turoff, M. and Hiltz, S. R., 2014. Information systems for emergency management.
Routledge.
Xu, L. D., 2011. Information architecture for supply chain quality management.International
Journal of Production Research. 49(1). pp. 183-198.
Online
Abdo, A., Meister, W. and Ryerson, C., 2012. E-Discovery and Data Management Update: Ten
Reasons Why Every Organization Should Implement a Record Management Policy and
Review the Policy on an Annual Basis. [Online]. Available through:
<http://www.fclaw.com/newsletter/newsletter.cfm?id=1119>. [Accessed on: 14th October,
2015].
Chowdam, L., 2009. What is a Database, DBMS?. [Online]. Available through:
<https://mycodelines.wordpress.com/tag/database-management-system/>. [Accessed on:
14th October, 2015].
Database Management System. 2010. [Online]. Available through:
<http://dbms-ii.blogspot.in/p/dbms-architecture.html/>. [Accessed on: 14th October, 2015].
Deeper, G., 2006. Key roles of database administrator. [Online]. Available through:
<http://searchoracle.techtarget.com/answer/Key-roles-of-database-administrator>.
[Accessed on: 14th October, 2015].
Imperva, 2014. Top Ten Database Security Threats The Most Significant Risks of 2015 and How to
Mitigate Them. [PDF]. Available through: <http://readwrite.com/2012/12/12/big-data-
boosts-storage-needs-and-opportunities>. [Accessed on: 14th October, 2015].
11

Rouse, M., 2007. IMS (Information Management System) definition. [Online]. Available through:
<http://searchdatacenter.techtarget.com/definition/IMS-Information-Management-System>.
[Accessed on: 14th October, 2015].
Singer, M., 2012. Big Data Boosts Storage Needs - And Opportunities. [Online]. Available
through: <http://readwrite.com/2012/12/12/big-data-boosts-storage-needs-and-
opportunities>. [Accessed on: 14th October, 2015].
12

1 out of 12

+13062052269

info@desklib.com

Controlling Access to Sensible Data

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

DBA Access Control for Secure Database Management

Ensuring Database Security: Solutions and Best Practices

Importance of Database Management System (DBMS) and Transportation Management System (TMS) in MIS

Database Management Systems: Design & Applications

Database Management System Concepts

Database Management System