Database and Data Mining Security

Database and Data Mining Security Strategy Providing analysis and recommendations for securing the network connections, databases, and data mining applications of the Making Money Corporation (MMC) is the goal of this paper. The characteristics of the company's environment that impact the creation of a data mining and security strategy, the identification of roles involved in selecting a database and data mining security strategy are included in the analysis.

Recommendations are also provided for products that are most appropriate for the organization to use as part of their database and data mining security strategy. The analysis concludes with a recommendation of an enterprise-wide security strategy for the databases and data mining applications. Assessing the Characteristics of Making Money Corporation (MMC) MMC has a highly distributed organizational structure that has over time led to 30 branch locations being in operation.

These branch locations require real-time access to databases and data mining applications to serve existing customers and prospect for new ones in their regional areas. Connected to the corporate center via T1 line, each of these thirty regional offices has a domain controller, which through interdomain trust integration to the Microsoft Active Directory Domain, is capable of accessing corporate databases, financial systems and data mining applications. Each office also has an application controller to support the systems each branch office relies on operate daily.

The configuration of MMC's corporate center and regional offices is dependent on the development of interdomain trust relationships throughout Microsoft Active Directory. The validation of each branch's identity needs to occur with each login. Distributed database security concepts of interdomain trust relationships and the use of security audits to ensure that role-based access are being monitored are best practices in managing distributed database security (Harris, Sidwell, 1994).

Characteristics of the MMC environment that will affect the creation of a database and data mining security strategy are related to how well the company can change its existing processes and routines to complete random audits, and ensure that interdomain trust relationships are active on each of the domain controllers. The resistance to change that many branch managers and support personnel may have will be significant.

Overcoming this resistance to change by concentrating on the adoption of best practices in database and data mining security in remote locations is critical (Harris, Sidwell, 1994). Additional characteristics of the environment that need to be taken into account are the T1 connections and their relative levels of security at the physical level, the security of the TCP/IP connections over the network, and the configuration of the VPN options for the network.

If VPN tunneling is being used for connecting the remote offices to the central office, an analysis of IPSec vs. Secured Sockets Layer (SSL) also needs to be completed. All of these factors need to be taken into account in creating an enterprise-wide security strategy. By definition an enterprise-wide security strategy concentrates on the how the systems, processes, and procedures of a company are protected and hardened from external threats so that a company's strategic objectives and plans can be attained (Yang, Li, Deng, Bao, 2010).

An enterprise-wide security strategy then focuses on how to best coordinate it resources to the strategic needs of the company so they are highly secure and reliable (Yang, Li, Deng, Bao, 2010). Organizational Roles Involved in the Selection and Maintenance of a Database and Data Mining Security Strategy The C-level executives of any organization including the Chief Information officer (CIO) are the primarily responsible for the definition, selection, execution and maintenance of the company's database and data mining security strategy (Yang, Li, Deng, Bao, 2010).

Additional roles involved in the selection of the database and data mining security strategy include the Directors of System Infrastructure and Director of Business Intelligence or Analytics. In addition to these two Director-level positions, the roles of the users of the databases and data mining applications also need to be taken into account. The sales, marketing, product management, product marketing, and services departments all need to have access to the databases and data mining applications.

In addition, branch offices that access the company's applications over the shared T1 line will also need to have specific security roles assigned, especially if application and data are being accessed over the Web (Maheshwari, 1999). All of these roles must also be coordinated through the enterprise-wide security strategy (Yang, Li, Deng, Bao, 2010). Once this is accomplished, MMC will be able to more effectively attain its strategic plans with more secured systems.

Products for Ensuring Database and Data Mining Security Given how distributed the company's offices are and the heavy reliance, they have on the use of their T1 lines and the Internet for VoIP, it is crucial for MMC to invest in networking routing and packet detection equipment in addition to firewalls and individualized system network security. For the databases and data mining software, suing biometrics to secure them at the administrator level is highly advisable (Amoruso, Brooks, Riley, 2005).

In addition, the defining of IPSec protocols configuration options for the dedicated lines to the branches is advisable (Mattsson, 2009). For the 15 laptops in use, it is highly advisable that SSL-based VPN configurations also be included on them as well. The VoIP connections throughout the company also need to be benchmarked and audited for security to see how they can be improved. With audit and benchmark data the VoIP systems of a company can be significantly improved (Marsanu, 2006).

In conclusion, MMC needs to start with an assessment of its most potentially threatening areas of the distributed network, analyzed and monitor network traffic and also secure the access points of the network using firewalls and role-based authentication. The use of biometrics to limit access to only those members of the organization that need.