Welcome to the SecAware blog

I spy with my beady eye ...

2 Feb 2007

New database security awareness module

We have just released a brand new awareness module on database security for February. The risks and controls associated with database security make for a fascinating security awareness subject.

For IT professionals, the module contains:
- A risk analysis (available in the NoticeBored newsletter)
- A PowerPoint presentation giving an overview of database security technologies
- A white paper describing database security controls in more depth
- A controls matrix categorizing database security controls into preventive, detective and corrective classes on one axis, and confidentiality, integrity and availability on the other
- And a checklist to guide a systematic review of database security controls.

For the general staff audience, the non-technical posters, seminar slides, screensavers, case study, crossword and other awareness materials highlight personal perspectives on database security, for example when database breaches lead to the exposure of personal data.

Finally, we present the governance aspects of database security to management through mind maps, agendas, PowerPoint slides and briefing papers. Managers need to be aware of the legal and regulatory implications of database security failures. The generic business case for database security controls provides a solid background for managers to assess the security aspects of database development project proposals, and the metrics paper suggests a range of ways in which they can keep an eye on their investments in database security.

See the module contents and links page

No comments:

Post a Comment