1
00:00:01,400 --> 00:00:03,980
In this lesson, we're going
to be discussing database
2
00:00:03,980 --> 00:00:07,550
security, specifically,
talking about the principles
3
00:00:07,550 --> 00:00:12,110
of security in general, how
those can apply to the database
4
00:00:12,110 --> 00:00:13,730
world as well.
5
00:00:13,730 --> 00:00:17,990
So security is and will
be one of the top concerns
6
00:00:17,990 --> 00:00:22,010
in the computing world for
the foreseeable future.
7
00:00:22,010 --> 00:00:24,110
It is a big hot topic.
8
00:00:24,110 --> 00:00:28,490
There are companies springing
up that focus only on security,
9
00:00:28,490 --> 00:00:32,000
that do things like penetration
testing and scanning
10
00:00:32,000 --> 00:00:33,900
and those types of things.
11
00:00:33,900 --> 00:00:36,590
So security is a major concern.
12
00:00:36,590 --> 00:00:40,070
Of course, there's recent
examples of department stores
13
00:00:40,070 --> 00:00:45,080
and various companies where the
security has been compromised
14
00:00:45,080 --> 00:00:47,030
and the information
has leaked out
15
00:00:47,030 --> 00:00:49,160
and it's been made
available to people
16
00:00:49,160 --> 00:00:51,230
that it doesn't belong to.
17
00:00:51,230 --> 00:00:53,030
And part of this is
because the amount
18
00:00:53,030 --> 00:00:55,940
of information
that we're storing
19
00:00:55,940 --> 00:00:57,980
is increasing and increasing.
20
00:00:57,980 --> 00:01:01,880
If you think of all the social
networking sites, all of that
21
00:01:01,880 --> 00:01:06,320
is what we call PII, or
Personally Identifiable
22
00:01:06,320 --> 00:01:08,810
Information,
information that can
23
00:01:08,810 --> 00:01:11,630
be used to identify
a particular person.
24
00:01:11,630 --> 00:01:15,170
This type of information
is important to companies
25
00:01:15,170 --> 00:01:17,600
like credit card
and loan companies
26
00:01:17,600 --> 00:01:20,810
and such to be able to
identify a person, as well
27
00:01:20,810 --> 00:01:23,750
as just purchasing
things on the internet.
28
00:01:23,750 --> 00:01:26,780
If that information gets
out, then other people
29
00:01:26,780 --> 00:01:30,260
can steal identities and
impersonate that person.
30
00:01:30,260 --> 00:01:32,240
So all of these
things are pointing
31
00:01:32,240 --> 00:01:35,120
to the idea of security
coming to a head
32
00:01:35,120 --> 00:01:38,300
really, where there
will be even more
33
00:01:38,300 --> 00:01:42,440
incidents in the news that
have a big impact on day
34
00:01:42,440 --> 00:01:44,030
to day life.
35
00:01:44,030 --> 00:01:46,640
And the interesting thing
for a database administrator
36
00:01:46,640 --> 00:01:49,250
to consider is that
most of this information
37
00:01:49,250 --> 00:01:52,010
is stored in a
database of some type.
38
00:01:52,010 --> 00:01:55,910
By and large, the information is
stored in relational databases,
39
00:01:55,910 --> 00:01:58,730
although there are other
types of databases that store
40
00:01:58,730 --> 00:02:02,010
some types of information.
41
00:02:02,010 --> 00:02:06,330
And it's also true that security
is often overlooked in the day
42
00:02:06,330 --> 00:02:09,540
to day operations of a
database administrator.
43
00:02:09,540 --> 00:02:12,930
Since so much of a
database administrator's day
44
00:02:12,930 --> 00:02:16,950
is spent fighting fires,
performance tuning,
45
00:02:16,950 --> 00:02:20,040
creating objects,
backup and recovery,
46
00:02:20,040 --> 00:02:22,830
all those types of
things, it is safe to say
47
00:02:22,830 --> 00:02:25,500
that there are a lot of
database administrators
48
00:02:25,500 --> 00:02:28,890
that really just don't
consider security in the day
49
00:02:28,890 --> 00:02:30,870
to day operations.
50
00:02:30,870 --> 00:02:32,700
And this is just because
they're overwhelmed
51
00:02:32,700 --> 00:02:34,590
with other types of things.
52
00:02:34,590 --> 00:02:36,780
And, to be honest,
security is one
53
00:02:36,780 --> 00:02:39,360
of those areas where a
database administrator is not
54
00:02:39,360 --> 00:02:42,480
going to get a lot of
support from other parts
55
00:02:42,480 --> 00:02:45,370
of the organization
by and large.
56
00:02:45,370 --> 00:02:48,750
If you're dealing with
developers and users,
57
00:02:48,750 --> 00:02:51,510
and you try to implement
tight security,
58
00:02:51,510 --> 00:02:53,370
that makes it more
difficult for them
59
00:02:53,370 --> 00:02:55,530
to do their jobs, quite simply.
60
00:02:55,530 --> 00:02:57,990
And they don't want
those roadblocks.
61
00:02:57,990 --> 00:02:59,760
But it has to be considered.
62
00:02:59,760 --> 00:03:04,290
DBA has to be the one that
stands up and at least says,
63
00:03:04,290 --> 00:03:09,330
this is a risk, and we need to
mitigate that risk in some way.
64
00:03:09,330 --> 00:03:12,180
Hopefully, the DBA gets
support from their management,
65
00:03:12,180 --> 00:03:14,680
although that's not
always the case as well.
66
00:03:14,680 --> 00:03:18,540
So, for a DBA, you have
to consider the security
67
00:03:18,540 --> 00:03:20,970
and you have to at
least make known
68
00:03:20,970 --> 00:03:25,140
your risks and your findings,
security problems that
69
00:03:25,140 --> 00:03:26,550
exist in the organization.
70
00:03:26,550 --> 00:03:28,680
You have to at least
be able to bring those
71
00:03:28,680 --> 00:03:32,650
to someone's attention,
even for your own sake.
72
00:03:32,650 --> 00:03:34,500
One of the principles
of security
73
00:03:34,500 --> 00:03:37,800
is the principle
of least privilege,
74
00:03:37,800 --> 00:03:42,470
the idea that less is best
as far as privileges go.
75
00:03:42,470 --> 00:03:44,810
There's a myth about
the typical hacker.
76
00:03:44,810 --> 00:03:47,900
And hackers make
the news when they
77
00:03:47,900 --> 00:03:51,410
are some kid in the Ukraine
that attacked a bank
78
00:03:51,410 --> 00:03:53,330
or something of that nature.
79
00:03:53,330 --> 00:03:55,340
But that is a myth
as far as that
80
00:03:55,340 --> 00:03:58,400
being the main
type of attack that
81
00:03:58,400 --> 00:04:00,930
involves computer security.
82
00:04:00,930 --> 00:04:05,250
The majority of attacks against
computer security are internal.
83
00:04:05,250 --> 00:04:07,770
And this has been true
almost since the beginning
84
00:04:07,770 --> 00:04:09,090
of computers.
85
00:04:09,090 --> 00:04:11,640
It isn't the external
attacks, it's
86
00:04:11,640 --> 00:04:14,730
the internal attacks
that are more prevalent.
87
00:04:14,730 --> 00:04:17,760
And that's why database
security is so important.
88
00:04:17,760 --> 00:04:21,090
Because, if a hacker, or
an attacker, or someone who
89
00:04:21,090 --> 00:04:24,990
wants to compromise information,
is internal to a company,
90
00:04:24,990 --> 00:04:27,870
then they may have
access to the database,
91
00:04:27,870 --> 00:04:30,030
and the data that
they're looking for
92
00:04:30,030 --> 00:04:31,920
may be stored in the database.
93
00:04:31,920 --> 00:04:35,730
And so that's why it's not
enough in today's world just
94
00:04:35,730 --> 00:04:39,000
to have strong firewalls
outside of your company.
95
00:04:39,000 --> 00:04:41,080
Firewall security is important.
96
00:04:41,080 --> 00:04:44,250
And it's not the only security
that you have to have.
97
00:04:44,250 --> 00:04:46,920
You have to have
security in layers,
98
00:04:46,920 --> 00:04:48,960
sort of walls inside of walls.
99
00:04:48,960 --> 00:04:52,480
And that's where database
security comes in.
100
00:04:52,480 --> 00:04:54,250
So the principle
of least privilege
101
00:04:54,250 --> 00:04:57,850
states that a user should only
be granted the privileges that
102
00:04:57,850 --> 00:05:01,270
are absolutely necessary
for that user to accomplish