Select Page

DBAs Need to Work With Colleagues on Database Security

Author: John Kaufling | | October 29, 2013

Network security remains an ongoing challenge, if not a struggle, for organizations of all sizes in various industry sectors.

No enterprise is safe, as clearly demonstrated by recent cyberattacks against venerable organizations worldwide, including American Express, the Associated Press, CBS News, JPMorgan Chase, Saudi Aramco, and leading South Korean banks and television stations. Even noted anti-spam organization Spamhaus has not been immune to cyberattacks.

Working together

What can aid enterprises enormously in securing their networks is a firm alliance between database administrators and security professionals.

As Ericka Chickowski, writing for Dark Reading, observed, the problem is these two camps don’t have much in common for starters:

“The lack of a common ground in knowledge base and the divergence in business goals can often lead the two groups to grow so at odds that data security gets lost in the conflict. However, CISOs can do a lot to foster better relations between database staff and security staff for improved database risk management. “

Finding a common ground

Database security is important, but it’s not the only task facing enterprise security professionals who have a broad range of responsibilities for internal and external security. Brad Johnson, vice president at consultancy SystemExperts, told Dark Reading:

“DBAs tend to view their work from the perspective of a normal user, while IT security staff tends to look at DB or Web functionality from the perspective of an intruder. The former is trying to do their job, the latter is trying to ‘break in’ to get access to data or services that were meant to be controlled or private.”

Technology professionals say there are several strategies for building up these alliances, starting with encouraging collaboration and consensus-building between database administrators and security staff. Security is one common ground these two groups can find. Management can play an important role in promoting and, ultimately, achieving collaborative harmony.

Security reviews

Auditing and other types of comprehensive security reviews can help those focusing on database issues see the role they play in eliminating network or system vulnerabilities. Through these types of audits, database administrators can freely bring to the table their best efforts and ideas for stemming vulnerabilities. These could be, for example, insights they have developed based on comprehensive application testing.

And both groups can bring forward issues that must be addressed not only for data security, but also for assuring compliance with emerging rules and regulations that may apply to the enterprise.

Working closely with the security staff, database administrators can complement and enhance the enterprise’s security efforts.

Has your company achieved harmony between DBAs and IT Security? How did your company do it? Let us know, we’d love to get your feedback.

How to Solve the Oracle Error ORA-12154: TNS:could not resolve the connect identifier specified

The “ORA-12154: TNS:could not resolve the connect identifier specified” Oracle error is a commonly seen message for database administrators.

Vijay Muthu | February 4, 2021

Scripting Out SQL Server Logins, Server Role Assignments, and Server Permissions

This blog reviews how you can generate scripts for SQL server logins, role assignments, and server permissions for a smooth migration.

JP Chen | October 1, 2015

MongoDB Best Practices: Design, Deployment & More

This post provides a rundown of best practices to use when running MongoDB.

Esayas Aloto | February 28, 2017

Subscribe to Our Blog

Never miss a post! Stay up to date with the latest database, application and analytics tips and news. Delivered in a handy bi-weekly update straight to your inbox. You can unsubscribe at any time.

Work with Us

Let’s have a conversation about what you need to succeed and how we can help get you there.


Work for Us

Where do you want to take your career? Explore exciting opportunities to join our team.