IT Examiner at a financial services firm with 10,001+ employees
Real User
2022-01-13T21:49:38Z
Jan 13, 2022
It is a good product. It has been used for years. As long as it is configured correctly, it is a very stable product. It depends on how an institution or a company configures it. It depends on an institution's risk appetite. You need to make sure it is configured as per the concept of least privilege, and the logging features, detection and control mechanism, and other things like that are enabled. If you configure it to give access to the public, then there could be compromises. You should also have someone who independently checks it to make sure that it is configured keeping security in mind. If it has been configured for a while, when there are enhancements to the product or when you enhance it, you need to make sure that security is also looked at, and it is configured according to an institution's security policies. I would rate it a nine out of 10.
IT Examiner at a financial services firm with 10,001+ employees
Real User
2019-06-11T11:10:00Z
Jun 11, 2019
I rate the product about eight out of ten considering the wealth of automated processes. Removing the need for human intervention makes the product valuable. It is only an eight and not a ten because there is still room for improvement.
What is database security? Database security consists of a range of security controls, tools and practices designed to protect the database management system (DBMS). There are several security measures your organization should implement, from protecting the physical infrastructure holding the servers to securing the network and access to the data.
Database security tools and practices should protect:
Data inside the database
The database management system
Data in transit from and to...
It is a good product. It has been used for years. As long as it is configured correctly, it is a very stable product. It depends on how an institution or a company configures it. It depends on an institution's risk appetite. You need to make sure it is configured as per the concept of least privilege, and the logging features, detection and control mechanism, and other things like that are enabled. If you configure it to give access to the public, then there could be compromises. You should also have someone who independently checks it to make sure that it is configured keeping security in mind. If it has been configured for a while, when there are enhancements to the product or when you enhance it, you need to make sure that security is also looked at, and it is configured according to an institution's security policies. I would rate it a nine out of 10.
I rate the product about eight out of ten considering the wealth of automated processes. Removing the need for human intervention makes the product valuable. It is only an eight and not a ten because there is still room for improvement.