Bespoke database Web Apps / Applications and Software

Bespoke Database Applications

How Secure is Your Data?

Keeping your data secure means a lot of things, not just making sure no one can access it.  This is becoming more important as a number of high profile data leaks hit the headlines and GDPR regulations are imminent. A secure centralised database will help to maintain your data in a safe environment where you can have more control over its access. Discussed below are the main aspects of keeping your data secure with a database solution.
 

Back-up of data

One issue with any data is that it can be lost or corrupted, so there is always a need for it to be backed up.  Having the data stored in a core part of the server generally means that the data is backed up on a regular basis as part of the server security plan.  If not already sorted in this way, backing up a single central database is easier than backing up data sources that could be spread between different users and different machines.
 

Single copy no duplication - data integrity

Using a single database means that you do not need to work out if you are using the latest copy of the data.  Duplication of data can lead to the data becoming corrupted if users re-introduce earlier versions od saved spreadsheets. If everyone uses the same single data source this duplication risk is eliminated
 

Can’t be emailed to anyone easily

A way for data to be passed out of a company is to email it or save it to a USB device.  A central database with software is structured to provide the end users with just the data that they need for a task.  Normal users would not have access to the raw database and hence all of the data.
 

Control access

Using a central database with applications wrapped around it means that you can decide who has / needs access to what data, for what purpose.  This access can then be controlled by the use of password protection.  This can be revoked by an admin user quickly if required.  An admin user can also decide who has access at any given point.
 
Passwords help to protect the data from unauthorised access and logins can be tracked for security.
 

Process around input and output helps control data integrity

The integrity of your data can be maintained by controlling who can input updates and new data to the system.  The software can also be used to check that the data is formatted correctly before it is entered into the database, again avoiding corruption and helping to maintain integrity.  
 

Reliable hardware and software around the database

The hardware and software used for centralised databases and servers is more secure than a desktop environment.  The components are designed to run for longer periods of time without breaking down.  This reliability will help to maintain access to the database and also minimise loss of data from hardware or software failure.
 

Access to the database

Care needs to be taken in any programming for your application that the data is protected and that unauthorised access cannot be gained.  There are a number of known vulnerabilities which good software programming will close.  The database typically sits alongside the software on a server and this further protects the data from being passed around un-processed.  Where data is passed between servers or machines techniques can be deployed to protect this data.
 

Secure sessions and data transfer

The server needs to make use of a secure protocol for transferring data between the browser and the server.  Secure protocols such as TLS (transport Layer Security) are well understood to eliminate the data being intercepted and maintaining a private session for your data work.  
 

Store specific data fields securely

Even within the database it may be necessary to store parts or all of the data securely, such as passwords or personal information.  There are a number of techniques for encoding the data prior to storage to then make it secure in the event the database is hacked.  
 

Compare security vs a spreadsheet

  • Data integrity through input - you can enter any data into a spreadsheet cell without it being checked and verified its the correct type, easily overwriting a number cell with text.
  • Data duplication - spreadsheet easily copied and passed around becoming out of date
  • Access control - yes you can password protect a spreadsheet but you can’t specify who can access what sheets
  • Hardware reliability - spreadsheets are typically stored on a PC and hence prone to loss, breakage or theft.
  • Back-up - has the PC been backed-up?  Maybe not an issue if the spreadsheet is stored on a file server or shared system.
  • Restrict parts of the data - you can’t restrict parts of the data to specific users its all or nothing
  • Secure sessions - less of an issue with spreadsheets as all of the data will be local to the machine anyway.
 
If you are using a spreadsheet and think that a secure database would be a better solution please give us a call and we will be happy to discuss this with you
 

Read More Blog Posts ...

Blog Author

Mark Carver, Director of Activ-STEP  has over 25 years of technology marketing experience,  with the last 14 years running his own successful technology marketing agency.  Mark prides himself on his attention to detail and the ability to deliver projects to cost and time pressures.  Mark has completed numerous projects over the past 14 years, whilst at Activ-STEP.  Clients have benefitted from his strategic perspective to marketing as well as an excellent understanding of technology and how it can be applied.

Mark is now using his skills to build web based database applications to help businesses improve their data security, accessability, communication and efficiency.  Mark has built numerous websites and associated applications which have taken the data from a spreadsheet and built a web based apps.

Programming language logos