Data Warehousing and Security Data

Data Warehousing and Security

Data security is a growing concern for all organizations, as information is key to any business operation and could be considered the essential commodity of modern business. The degree to which companies are failing to recognize the importance of data security and are slow to implement recommended security changes is still dismaying, however, and is cause for an examination of some of the problems and opportunities associated with data storage and security (Warigon, 1997; TechFaq, 2010). Data warehousing is one way to store and access large amounts of information that presents certain unique security risks alongside some structural and tactical advantages in terms of data security, and understanding these systems leads to a better overall capability to understand and effectively respond to (or proactively limit) security threats) (TechFaq, 2010; Nishith, 2005). The following paragraphs provide an overview of data warehousing and its security implications.

Data warehouses are not distinct from databases, but rather are a specialized type of database or database network that is partially "read-optimized" as opposed to "write-optimized" (Warigon, 1997; Nishith, 2005). What this means is, data warehouses are designed to be able to more quickly respond to queries, analyzing and accessing data that has been stored in the "warehouse" according to guidelines specified by users, much faster than databases designed primarily to take and store information (Nishith, 2005; TechFaq, 2010). Though of course data warehouses perform a storage function as well, it is in the access and analysis functions that unique security risks and opportunities are presented (Warigon, 1997).

Data warehouses have an inherently greater level of protection against certain types of attacks, such as denial-of-service attacks and other attempts to overload the capabilities of the information system, when compared to traditional databases (Warigon, 1997). because the system is designed to be able to handle complex queries for information much faster than are traditional databases, designing and implementing such an attack becomes more difficult and complex (Warigon, 1997). At the same time, the ease with which information in a data warehouse can be manipulated creates more significant problems than a traditional database should unauthorized access be obtained (TechFaq, 2010). While no database or information system could possibly have all necessary security precautions embedded within the structure of its basic operations -- i.e. storing, classifying/analyzing, and retrieving data -- as it is simply not in the nature of an information system to provide such security, data warehouses are at a special level of risk due to the organization of data and the speed at which it is processed (TechFaq, 2010; Warigon, 1997).