Database Security
Databases hold the critical data your organisation requires to do business. As a result, maintaing a secure database environment has become integral to maintaining productive technology environments.
SIFT is able to assist your organisation in this area with its industry leading database security assessment capability. Our documented methodologies provide the level of coverage and assurance that today's security conscious organisations are striving to achieve.
Depending on your specific needs, our database assessments can comprise any combination of:
- Server Assessment
- Configuration Assessment
- Code Assessment
- Requirements Validation
Server Assessment
A database management system (DBMS) is only as secure as its underlying host system. This type of test seeks to ascertain the security posture of the database server operating system and supporting applications.
Configuration Assessment
Having secured the host system, the configuration of the DBMS is the next line of defence against attacks. This type of test seeks to verify the security of database specific configuration & access control and ensure the lowest possible exposure to any application attacks.
Code Assessment
A secure server and DBMS configuration provides the platform for the implementation of custom code. This type of test seeks to review any database code, tpyically SQL, for security weaknesses that may expose the database to attack.
Requirements Validation
Once the technical implementation of the database has been secured, it is important to ensure that all security requirements have been met. This type of test seeks to verify that all compliance, business, and process rules have been and will be followed appropriately.
|
SIFT is an "Australian Government Endorsed Supplier" of information security and information risk management services. 
