Builder.au has a useful article titled, “Six Steps to Secure Sensitive Data in MySQL.” While I am a PostgreSQL fan myself, this article gives a good checklist of no-nonsense steps that can be taken in order to secure your data. Most of these steps can be applied across databases and even generalized to other systems, it is just good advice.
The thing I like most about the article is that five of the six steps to secure your data of them have no visible impact on the users whatsoever. I would argue that the value of architecture improvements are inversly proportional to the amount of extra effort it will take for a user to get their work done.

On a side rant, something I don’t hear enough about these days is the responsibility of the organization for their IT architecture and policies. Instead, most of the time I hear scapegoating and complaints about users. If it is your architecture, you are in charge of keeping things running safely and securely. It is your users responsibility to use your systems efficiently, not to make your life easy.

This entry was posted on Wednesday, August 16th, 2006 at 4:57 am and is filed under Databases, Information Architecture, Practices. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.