Security is a serious topic and it requires immediate attention in today;s information world. Every individual needs to protect their personal information to keep the identity secure. For an enterprise, protecting data is the important activity than any thing else.
We have been using computers since 1900+ year (reference). A computer virus first appear on the information world at academic concept in 1940 and the computer program in 1970 (reference1,reference2). these viruses are developed to show case the ability of self manageable and auto reproducible programs. Some of these are to infect and do damage to the computers. Usually, these code travel via floppy disk, CD, DVD, USB disk and powerful Internet.
In the modern world, internet is almost every where and in every equipment. So, the risk is travelling with it.
After the birth of internet, this risks are growing tremendously and keeping danger near to everyone.
Are we going to worry about this security risk or protecting our data from risk?
of-course, everybody wish to protect their information. But, where to start?
if you are a developer, think about the security before typing a single line of code. Because, we developers are the most powerful object then malicious code.
Microsoft product that helps our computer from the risk is Microsoft Security Essentials. It helps to protect our computer from virus, spyware and malware.
Now, our computer is secure. then, what-else.
I would recommend everyone to consider security at every level. But not just higher level security.
- System level
- Application level
- Database access
Block unwanted user request from outside world to enterprise. Block unused and unwanted ports in the system.
Provide secure layer to the application interface and bury the access parameter and other sensitive information with encryption.
Classify the users based of the need for data and report unauthorized access as a red alert. Avoid open access to database objects (stored procedure, views, triggers and etc) give proper access rights to the database users. Encrypt stored data with strong encryption algorithm.
Finally, keep checking the environment for the security holes and update the security software more often. Design your own security model from application access page to database level at end.
Security is never-ending war. but, we together can stop the attack. Please share your thoughts in the comment section.