Institutional Database Security - Free Essay

The Family Educational Rights and Privacy Act requires organizations to use all reasonable methods to ensure data safety. For an institution to ensure that the information has not landed on unauthorized individuals, it must take both physical and logical measures. Physical measures provide that servers, software, data, and the network are physically secure. On the other hand, logical data security measures protect information by using software and settings.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

Physical Access Control

For the college to keep the data safe from being accessed by unauthorized persons, the management should ensure the server's physical security. The institution should also ensure that the computers and mobile devices that access the data are safe. To achieve this goal, the organization needs to take measures like surveillance and access control. The institution should also embrace some hardening measures to make the registrar's office inaccessible to unauthorized persons (Pevnev & Kapchynskyi, 2018).

Physical access control includes putting measures in place to ensure that only authorized persons can access the offices. The organization can achieve physical access control by using heavy locks in the offices to ensure that only the right people enter the offices. The offices can heighten physical security by using safety pass-cards to open the office doors.

The institution can also install an office biometric door system in the registrar office and other rooms where the computers are stored. Additionally, the institution can install surveillance cameras in the offices to monitor entry and use of the offices. The advancement of technology has also made it easy to know when an intruder enters the room. The institution can detect those who come to the offices using motion detectors and notification system. To protect the servers and data-access devices from damage by fire, the college can use heat sensors.

Logical Access Control

The college can use some software and settings to secure the data from being external manipulation, loss, and access. Logical safety measures include using user passwords and user authentication and identification. Using the logical control measures limits the use of the database and the server to only the authorized staff. Restricting access to the database protects the data from vandalism, alteration, or loss (Shaul, 2008).

User authentication is the use of secret identification numbers, such as the personal identification number (PIN), to limit the users. People who are not members of staff in the organization will not be able to access the information. To access the data system, the team will need to have the user name and password.

Another logical method that the collage can use to enhance student information security is user identification. The ID system will make the organization to identify those who are using the system. The ID system ensures that the organization can monitor the users' activities and identify them using their IP addresses. The identity system will make the organization detect any unusual log into the network and secure data.

The collage can also embrace the use of Two-Way Authentication. This system of ensuring database security requires both the user and the system to convince each other that they know the password. The user has to convince the data system that the password has not received the data through a third party (Shaul, 2008). With this system, the chances of third parties using the system become minimal. Two-Way authentication makes sure that the database does not land in the hands of unauthorized hands. Prospects of the vandalism of student information become minimal when this system is implemented.

Using organized security assuring sound practices will ensure that the information on the details of students is safe. Chances of the data getting lost, falling into the wrong hands, and misuse are minimal when people put these measures in place. The college can combine all the methods to ensure that the database is safe.

Secure Information Transfer in the Institution

To transfer student data from one office to another, the institution uses the data system. Any member of staff who wants access to the data can access the information can log in to the system. The organization uses emails and WIFI direct methods to transmit data that is not in the system.

The organization will have to choose a method of ensuring that the data is safe while being sent to prevent assess of information while transmitting. A strict transmission security protocol is essential for the college to keep communications free from external access. Security can increase if the firm uses the message encryption system. In the encryption system, the sender transmits a coded message then the recipient uses the code to open the encrypted message.

If the college uses encryption and decryption method, the data's security will be assured because only selected individuals can access it. The organization can also use a technique like the Transport Layer Security (TLS) to ensure data security while sharing through emails. TLS provides that the message sent through emails is secure from, therefore making communication between workers to remain private (Seggelmann et al., 2012).

While an institution keeps student data in their data system, it needs to ensure that it is safe. Providing the data's safety is a product of both physical and logical measures that the organizational staff take. Keeping the data safe ensures that the information does not land in unauthorized hands and always remains available and in the right form. Transmission of data within the organization also requires a convenient and secure channel. Improving the security of the transmission channel makes the data less prone to intrusion and interference.

References

Pevnev, V., & Kapchynskyi, S. (2018). Database Security: Threats And Preventive Measures. Advanced Information Systems, 2(1), 69–72. https://doi.org/10.20998/2522-9052.2018.1.13

Shaul, J. (2008). Implementing database security: using attack analysis to improve your defenses. Network Security, 2008(7), 18–20. https://doi.org/10.1016/s1353-4858(08)70089-8Segge

lmann, R., Tuexen, M., & Williams, M. (2012). Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension. https://doi.org/10.17487/rfc6520