Enhancing database security by restricting the access of users
Database security mainly involves the protection of database by ensuring the usage of management software. Databases should have limited access, and unknown users should be restricted to use the databases. The purpose of securing databases is to prevent the attacks of malicious software. Illegitimate usage is also limited. Tools, processes and technologies should be adapted to ensure its security.
Relationship between roles in databases and users
A user can have access to a database based on their assigned tasks and privileges. Users can be categorized into superusers, object owner and everyone else. The superuser is usually the administrator who performs database-related functions. The object owner is the type of user who can create a specific database object (schema or table). Lastly, public users fall under the category of “everyone else.” They can also be regarded as non-superusers, and they play the role of PUBLIC because they have been granted by the superuser to play this role. They do not own the objects. Roles are assigned to different types of users. The most common types of roles are PUBLIC, DBADMIN, SYSMONITOR, DBDUSER and PSEUDOSUPERUSER (Ambhore, Meshram & Waghmare, 2007). These are predefined roles, and it is not possible to rename or drop the assigned roles. At the beginning of the user session, all roles, except the PUBLIC role, are enabled by default.
Importance of assigning roles to individual users of databases
Assigning privileges and rights to individual users can be a risky affair. A large number of users access databases, and malicious users can take advantage of the situation. It is necessary to assign roles because all kinds of users cannot have access to the databases. It will be impossible to modify, change or drop objects. The database structure must remain intact, and therefore roles are assigned to the users. Once a user is assigned a role, he or she can have access to useful information; however, the user does not get the chance to manipulate the information (Bertino & Sandhu, 2005). They cannot cause harm to a particular setup or situation of a database. In this manner, the user can be categorized under the “least privilege” category. The superuser can grant privileges to a particular user and checks whether a new user possesses the privilege to conduct a particular operation.
Ways to handle job changes and new hires
In case new employees are hired, or job changes occur, it is feasible to get ready for the multiple stages. Notably, when a database administrator changes job or leaves the firm, the business faces one of the threatening challenges (Mohammed & Dilts, 1994). It is the hiring of a new database administrator. At first, the company should be prepared from beforehand and ensure the completion of all kinds of paperwork. It can save the valuable time of the company. After hiring new workers, the orientation process takes place. Thereafter, onboarding occurs, and it is a month-long process. It can take about 12 weeks to train the newly hired candidates and increase their understanding of third-party tools or security practices.