IT 650 Principles Of Database And Design

 

Entity Relationships

Property-Apartment: Each Property will have multiple apartments, but never an apartment belongs to two different properties. For each property there will be at least one apartment for each property. So, the relations are always one-to-many (one or more).

Apartment-Lease: Each apartment will have only one lease at any given time, but there could be more than one lease record in the database. So, relation is one-to-many (zero or more). If apartment is not leased out, then it could have no Lease at all.

Tenant-Agreement: This is a junction object between lease and tenants. Since one lease can have one or more tenants and each tenant could sign one or more leases. Relation between Tenant and lease is many to many. To execute many-to-many relation between tenant and lease, tenant agreement acts as junction object.

Rent-Apartment: Each rent record is only associated with one Apartment. So, relation between Apartment and Rent is one-to-many (zero or more).

Tenant-Rent: Each rent record is only associated with one Tenant. Rent record will be created for each month and Tenant_id and Apartment_Id Foreign keys are populated as lookup values.

ServiceRequest-Tenant: On each service request, reported by is populated as a lookup value and the relation between Tenant and Service Request is one-to-many (zero or more).

ServiceRequest – Tenant: On each service request, Apartment is populated as a lookup value, this represent where service must be performed and the relation between Apartment and Service_Request is one-to-many (zero or more).

Physical Model

 

 

 

Analyzing Database Management System

There are several DBMS available in market and each database offers different functionality, compatibility and security (Coronel & Morris, 2016). Each DBMS has different pricing structure. So, it is important for to put a great deal of thought into evaluating all available DBMS and their functions to offer before building an application.

Feasibility: Prime concern is feasibility of DBMS with existing operating system or networking or any other existing hardware. For example, if company is using UNIX as operating system for all its application server then SQL server is not compatible. Feasibility of the database with web development programing language.

Price: Pricing of DBMS like SQL server and Oracle other enterprise DBMS are expensive and need to be considered into final product cost. MySQL, PostgreSQL and Berkeley DB are some of open source DBMS.

Programing: Programing languages like PHP have built in functions to MySQL, which makes development faster and easy. Java and Dot net also have API’s to different database including oracle, MySQL and SQL.

MySQL offers access methods like ADO.NET, JDBC and ODBC. Oracle offers access methods like ODP.Net, OCI (Oracle Call Interface) and SQL offers similar methods, JDBC, ODBC, ADO.net, TBS (Tabular Data Stream) and OLE DB.

Functional Differences

There is server functional difference when considering different databases. Parallel execution is only supported in Oracle, but in SQL it is sequential. Clustering is group of servers or nodes connected via network. Clustering is only allowed in Oracle 11g which allows more scalability.

Transaction control is different in SQL and Oracle. In SQL, all queries updating the records are executed in sequence and even if one transaction fails there is no proper way to roll back or handle errors. Properly group statements BEGIN TRANSACTION is used and if all the transactions are successful then COMMIT is executed otherwise ROLL BACK is executed. Where as in Oracle, each database connection is treated as new transaction and changes are not committed until COMMIT command is executed.

Skill Set: When considering any application, it is important to consider internal skill set to support it. If application is big part of the organization then a training plan should be in place to support, it. Software providers also provide support contracts, Oracle and SQL server can provide support contract, but MySQL is open source tool so there won’t be any support from service provider (Coronel & Morris, 2016).

Recommendation: Wild Wood Apartment is a very small application with records size not more than 1 million and Wild wood apartment is not a write intensive application. So, any database which has either internal support or with service provider support will suffice for this application.

Considering other software and hardware requirements for application development and application development platforms like force.com, oracle 11 g is the best platform. Force.com platform uses Oracle 11g as its database and provides Software as service in multi-tenant architecture (Coronel & Morris, 2016).

Force.com platform provide MVC model, which helps to build Data model, front end and business logic layer. Since software as service is provided as licenses per month per user, the cost of building the application is very less upfront and only must as you go.

Skill set, and training will be easy as the application development and administration is point and click and there are plenty of resources available online for learning force.com.

Hardware and software: No hardware and software are required for developing an application in force.com platform. Force.com is a multi-tenant, cloud-based application which provides Software-as-a-Service.

SQL scripts for creating in other environments: scripts are attached with the file, please execute them in UAT and Production to create database.

1. Property.sql

2. Apartment.sql

3. Lease.sql

4. Tenants_Agreements.sql

5. Tenants.sql

6. Service_Requests.sql

7. Rent.sql

Business Rules

Wild wood apartments have three departments Sales, Marketing and Customer Support. Sales deals with new leads coming into the system from external sources and follow up on the leads. Sales team have different application for lead management. Marketing team uses campaign management to advertise any deals on apartment and publish available apartments on different classifieds. Customer Support team uses this application mostly and they deal with all the tables in the database. In this section we will be documenting all Business rules pertaining to customer support.

Business rule is a statement which defines how the data is used in the organization. For example, SSN Field on TENANTS / CUSTOMERS table, in some organizations they only need last 4 digits and it is used only for customer or tenant authentication over phone. But in some organization, it requires 9 or 10 digits, which they use for credit report pulls. Even though field is SSN in both organizations, but they have different constraints. Similarly, number of tenants allowed on each lease or priority of service request etc.

Business rules are categorized into

· Field-Specific Business Rules

· Relationship-Specific Business rules

Business Rules:

Apartment:

1. Building number should be associated with each apartment.

2. Apartment Number should be unique and required on each record.

3. Bed_Rooms, Bath_rooms and SquareFoots are optional.

4. Rent should be currency field.

Lease:

1. ID should be unique 18 digit alphanumeric and always required.

2. Start date should always less than End date.

3. Start date and end date should be at least 3 months apart. Minimum lease allowed is 3 months.

Service Requests:

1. ID should be unique and auto generated number.

2. Type should be Maintenance, Incident and Inspection.

3. Default value for Type should be Incident.

4. Urgency field should be one of these values, High, Medium and Low.

5. Impact field should be one of these values, High, Medium and Low.

6. Default Impact and Urgency should LOW.

7. Reported By is required. If requests are created by automated process, then it should be integration user.

8. Cost of service and property should be optional.

Rent:

1. ID should be unique and auto generated number.

2. Amount should be required. J

3. Paid Date should current date and should only be allowed by admins to change.

4. Apartment is required and should be validated against Apartment table.

1. Rule: Building number should be associated with each apartment.

Constraint: Building_Number should be always populated. Without building number Apartment records will be an orphan record. It should never be null.

Type: Database oriented.

Category: Field Specific.

Test On: Insert and Update

Structure Affected:

· Field Name: Building_Number

· Table Name: Apartment

Field Element Affected:

· Null Support

· Required Value

· Edit rule

Action Taken: Required value set to “Yes” and Null Support was set to “No Null”

2. Rule: Apartment number should be associated with each apartment and should be unique.

Constraint: Apartment_number should be always populated. Apartment Number is unique identifier on Apartment table.

Type: Database oriented.

Category: Field Specific.

Test On: Insert and Update

Structure Affected:

· Field Name: Apartment_Number

· Table Name: Apartment

Field Element Affected:

· Null Support

· Required Value

· Edit rule

· Uniqueness

Action Taken: Required value set to “Yes”, Null Support was set to “No Null” and Unique value.

3. Rule: Bed rooms, Bath Rooms and Square foot on Apartment should be optional.

Constraint: Bed_rooms, Bath_Rooms and Square_Foots should allow Null values.

Type: Database oriented.

Category: Field Specific.

Test On: Insert and Update

Structure Affected:

· Field Name: Bed_rooms, Bath_Rooms and Square_Foots

· Table Name: Apartment

Field Element Affected:

· Null Support

· Required Value

· Edit rule

· Uniqueness

Action Taken: Required value set to “No”, Null Support was set to “Allow Null”.

Conclusion

Wild wood apartment’s property managers and headquarters managers maintaining the data in excel sheets. Data entry into excel is a manual process and prone to errors and aggregating data and creating reports is a time consuming and laborious process.

Data is maintained in silos and gathering all data and aggregating at corporate level is a difficult process. Excel sheets don’t provide an easy backup and archival method.

Database provides a central location for data storing, which makes it easy reporting and data analysis. Redundancy in data can be reduced by normalizing the data model. Managers at headquarters can report on monthly, quarterly and yearly (Conger, 2012). Data backup, security and archival becomes easy with database.

Property, Apartment, Tenant, Lease, Rent and Service request are the entity used in this database. Property stores building information, location, number of apartments, property manager. Apartment entity stores information related to each apartment, number of bedrooms, number of bathrooms and rent amount. Tenant entity stores information about each tenant, first name, last name, ssn and other personal information. Lease entity stores information like start date, end date of the lease and agreements. Rent Entity stores amount paid by each tenant and each month.

After analyzing different database and their software and hardware requirements we recommend Force.com platform with Oracle as database for Wild Wood Apartment application.

DBMS Research and Recommendation

Problem Background

The Wild Wood Apartments requires an IT solution for tracking employee activity, licenses, and to track their IT resources while preventing their system from potential virus & hacking threats, prevent data loss as well as AD HOC reporting of usage of software and hardware resources of the company. By deploying a good Database Management System (DBMS), this is easy to achieve.

Issues identified in the job shadow report

The Job shadow report of Wild Wood Apartments has indicated several issues within the existing system for example the issue of not tracking and identifying those on the system

· The glitches in the maintaining and servicing of desks and laptops.

· No office etiquette on how to use the existing system

· Previous versions are not restricted over the systems network.

· There is no restriction on the installation of third-party software

· There is no quick update of software to match the business requirements.

· The report is not accurate

 

 

Domain Research

Morning star needs a solution that can reduce the risks associated with the software and hardware assets of the company. Solution should be able to provide a 360-degree view of software and hardware assets, license ownerships, contracts and software usage measures. Users with administrative authority of the company should be able to:

1) Create effective license positions (ELP)

2) Track user activities or track the usage of deployed software and hardware assets

3) Help in reducing license and support cost.

4) reduce the hacking and intrusion risks.

Instead of deploying for Software Asset Management tool (SAM), we should be looking forward for a complete IT asset management tool because both software and hardware have different life span in different verticals of industry and knowing which computer which software on what license has is useless if we cannot spot the location of that system. Thus, we need a system which can serve both the purpose, and which can manage issues related to both type of assets, hence we need an effective IT asset management tool for our scenario.

Business Needs

Given below is the list of features that the DBMS package must be able to support:

Asset Tracking

Asset tracking is required to track and locate the IT resources of the company.

Audit Management

Database auditing is auditing or monitoring the actions of users performed on the database. Audit management is preferred for security reasons to ensure the use authorization and permit only those users with interacting the system who has permission.

Compliance Management

Compliance management is the process through which safeguards that all the employees and users are following the business rules set to use the system. We have seen in the shadow report that users are not following standard rules, how they should use the system. Thus, DBMS must be efficient to support compliance management.

Configuration Management

Refers to the control of changes made with the software. As we have seen that users are installing previous versions of the software or they are not updating software. Configuration management will help in this.

Contract Management

Contract management is the process of management of contracts made with the vendors, employees and service providers. As we are not only using software developed in-house, we are also using software provided by different vendors and developers, contract management is a very important module for our new system.

IT Service Management

ITSM is management of information systems used in delivering value services to customers. As many customers has complained about wrong records, we are considering a DBMS solution that will help us in IT service management.

License Management

One of the most crucial requirements of our scenario not only for the use of the company but also as required by the law. License management will the morning star company to control where and how software will be used and by tracking the validity of the license and with the help of asset tracking proposed DBMS solution will be able to save a lot of money in licensing and renewals.

Maintenance Management

We have discovered in job shadow report that there have been glitches in the maintenance of activities of the company. Thus, maintenance management will be available in the new solution.

Incident management

In case any intrusion is attempted, or any new device is introduced to the network of the company or any unauthorized device attempts to use the system and other similar activities that are unusual in nature or critical from security point of view are reported in due time.

List of DBMS packages shortlisted for the proposed solution of the scenario:

DB2 by IBM

ORACLE by ORACLE

SAP Adaptive server by SAP, Sybase

SQL Server by Microsoft

Strength and weakness of different database packages

Name	DB2	Microsoft SQL Server	ORACLE	SAP Adaptive Server
Implementation language	C++ and C	C++	C++ and C	C++ and C
Server operating systems	Windows AIX z/OS Linux Solaris HP-UX	Only Windows Platform	Windows AIX z/OS Linux Solaris HP-UX	Windows Unix AIX z/OS Linux Solaris HP-UX
Data scheme	True	True	True	True
Typing	True	True	True	True
XML support	True	True		False
Secondary indexes	True	True	True	True
SQL	True	True	True	True
Server-side scripts	True	.NET languages and Transact SQL	SQL/PL	Transact-SQL and Java
Triggers	True	True	True	True
MapReduce	False	False	False	False
Concurrency	True	True	True	True
Durability	True	True	True	True
In-memory capabilities		True	True
User concepts	well grained with access rights that are up to SQL-standard	well grained with access rights that are up to SQL-standard	well grained with access rights that are up to SQL-standard	well grained with access rights that are up to SQL-standard

 

Package Recommended

After conducting a detail analysis of all the technical and operational aspects of all the top four database packages in the industry and analyzing every technical specification with the business needs of our scenario, I would recommend ORACLE as the best choice. We have also seen that there are several features common in all the four databases but still ORACLE offers the best features which making it best choice for our scenario. For example, effective normalization is very important requirement in our scenario and ORACLE offers horizontal partitioning of database, which enhances the efficiency optimization, security, recovery and uptime. Another exclusive feature of ORACLE is that it provides brute force protection, which makes our database safe from hacking and intrusion and other kind of attacks and unauthorized access (Cobb Group, 2016).

Another advantage is that ORACLE supports most programming languages and in memory capabilities is as well experienced with ORACLE. ORACLE is exclusively having OS X support. All such features not only make ORACLE as preferred choice but there are benefits related to storage cost, high availability. One of the concerns while choosing the database for our scenario is that we are unaware of the company size, and their budget allocation for IT support services, thus ORACLE is one option where organization need not to worry about the hardware costs associated with DBMS. As we have discussed about audit management, ORACLE supports database audits. Analyzing technical specification mentioned above, ORACLE improves system performance and productivity. Overall, all the critical requirements of our scenario such as security, audit, performance, recovery and optimization are taken care of by ORACLE DBMS (Cobb Group, 2016). Some other advantages of ORACLE are its reduced server cost, storage cost. Considering programming capabilities and flexibility, security, optimization, cost, resources required, support over multiple platform I recommend ORACLE as the best DBMS package for the Wild Wood Apartments.

Software and hardware requirement for ORACLE pre-installation

Physical memory (RAM)	A Minimum of 1 GB
Disk space	5.26 GB in total
Processor	EM64T or AMD64
Video adapter	256 color

Visio Diagram Illustrating ORACLE DBMS

Database Data Model

Data Model

Data modeling refers to the process where a data-oriented structure is being explored in a computer system. Data models have several purposes ranging from high level models to physical models. Basing on the developer’s point of view, data modeling is quite identical to class modelling theoretically though the only difference is that with data modeling entity there is an added advantage when it comes to identifying entities.

A good number of existing information systems can store and refine data in the best possible way. Once the processing of information is done, the data is stored in the existing database. Wild woods as an organization has also tried utilizing its database by storing important information about their residents, clients and payments (Wachowicz, 2014). The data modeling process leads to the simplification and classification of data to create data sets that are more organized. Several methods can be employed in this process and these include using a Visio Diagram, Entity Relationship Diagrams and other methods. Wild Woods incorporates these data models in its database system hence easing the storing and retrieving of information.

Enterprise Data Model

History

During the 1980’s there was a negative influence that arose from data enterprise modeling and it took a long period of time for model to be rebuilt. The new model had no effect on the development or build of the systems. This however didn’t show any positive results and the developers felt that the model wasn’t of any use. In the 1990’s they redeveloped a model and corrected their mistakes. They came up with new approaches for example management of master data, enterprise information and information center for excellence.

Enterprise data modeling is defined as the developing of data attributes in a common view (Shi & Ji 2017). According to this data model, type access is granted to all the data that is scattered in the organization that is being managed by the existing departments using various tools existing in the database. An Enterprise data is employed while making a list of objectives that all the departments need to uphold the standard of the database system and the rules governing its use.

LIST OF OBJECTIVES

· To authenticate managers while entering leasing details of an apartment

· To provide authentication to managers while deleting the details of the apartment.

· Provide authentication to managers while editing the details of the apartment

· Provide authentication to managers while entering the details of the apartment

· To provide authentication to managers while tracking and generating the expense related reports.

In the Wild Wood Apartments, the use of an enterprise database model is clearly manifested due to the organization in the system and it gives residents the ability to access and store data easily. The model EDM has many functions when it comes to a database and these can be utilized while comparing data from various tenants in the scenario of Wild Wood Apartments Company. However, the company need to make significant changes to their database to have a better. While writing this paper, I put a lot of emphasis on the tenants because I thought about the various merits it would provide for the tenants

The enterprise data model of the Wild Woods Company is one of a kind since the tenants can perform several tasks while operating within it. Some of the major tasks include the registration process and the payment of relevant fees. The system only accepts serial numbers from the receipts of any charges that are paid though the bank. Online payment has not been incorporated into the system yet. The tenants also can change their details at any time once they are logged into the system. There is easy updating of the client records whilst using the EDM. Once a database is changed, the new system will have many new functionalities for example the use of passwords while trying to access individual accounts within the system. The use of passwords will also prevent unauthorized access of tenants’ accounts.

Enterprise Data Model Diagram

 

 

 

 

 

Operating Rules

Process of the operating rules of a manager

A manager can create, delete and make any necessary modifications. The manager can also delete any entries from the RENTAL TABLE to store the details of every apartment. THE UNIT KEY LINK table is used to verify and make association between the apartment unit and RENTAL INFORMATION.

The manager has power over any entry of details that are related to MAINTENANCE ACTIVITY across all the apartment units. Like the rental table, the UNIT KEY LINK is used to look up and verify information while associating the unit of the apartment with the MAINTENANCE INFORMATION. The incurred expenses are also recorded in the EXPENSE TYPE TABLE.

Manager at the Headquarters

Operating Rules

The manager at the headquarters has view access for the details of the entries that are made by the different managers in the apartment complexes. The manager at the headquarters also has the power to generate summary reports about rental and maintenance details of every single apartment.

The system should have internal controls since Wild Woods apartments is a big company. For effective internal control to happen, the company should have several individuals having access to a single database for example Wild Woods Company should have existing rules and security policies. This is done to prevent the various issues that might arise. Development of these authentication policies will prevent and limit any unauthorized access to the company’s information hence making it more secure (Dennis, Wixom & Tegarden, 2014).

All the databases should have a specific operating rule. The company has 20 buildings and a few apartments. The firm has rules of operation which tend to arise from the authenticated process of accessing the server while maintaining the load balance. An example of this is when the United Kingdom came up with a database of the country’s most wanted criminals and they announced that this information would be made public through their website; hence, they could realize load balance.

When the website was released to the public for use, the server crashed due to the failure in load balance. At the time servers being used by the website were not capable of handling the requests and load balance all at once. To avoid such from happening the Wild Wood company database will have enough load balance. For example, the server must solely depend on the requirements and needs of the tenants. While determining the availability of the load balance, the system analysts must ask themselves “how many tenants will store their information in the organization’s database?”

Rule Reflection

Rule reflection has a vital role in the process of building relations after the creation of the database. Wild Woods Company has a good relationship with its tenants hence information will be stored in the database mainly consisting of several tables with every attribute and aspect having been included. These attributes include employee names, social security number, tenants etc. In a scenario where tenants have a one-to one relationship with in the same database diagram, then the tenant’s key records will be stored in different tables.

In a scenario where the relationship is many-to- many, each record of the rent payment and tenants will be stored in different tables. Practically tenants should be able to use different payment methods. Practically, this means that Wild Woods apartments should have record of all transactions based on its tenants ranging from the date, payment, late payment and due date.

Entity Integrity: with each PK value, it shows that the relationship should be unique, and a relationship must exist. However, the Primary Key doesn’t always fulfill the uniqueness of a table while determining entity integrity.

Referential Integrity: it states that each Foreign Key must be like the PK value once they are put together in one table. Therefore, Referential Integrity is very vital in ensuring that there is an existing relationship amongst tables which helps in the creation correct information.

Insert and Delete Rules: this rule emphasizes that a foreign key should act a “sibling” to the PK. It also ensures that data is maintained between the parent (PK) and the child (FK). Insert button include automatic dependent, nullify, customized and automatic, that are developed from the user table. Delete button includes cascade, default, customized and restrict.

Law, Ethics, and Security

For a company to keep its data secure, there must be a perfect security plan in place or else they might not be able to keep up with the potential threats and risks in the current cyber world. For creating a perfect security plan, the management should look at different aspects for example the ethical and legal aspects. (Belangia, 2015)

Data Management Standards

In general, the data management process helps in the collection of raw data for it to be retrieved easily when it is required. The process of data collection should allow data editing, auditing and cleaning. The retrieved data should be interpreted then thoroughly analyzed. Some of the reasons why a good trial audit of data should be maintained include protection of intellectual property, publishing of one’s own work, defend the organization against allegations of unethical (illegal) conduct and to value both honesty and ethics. The trail audit should also follow the different federal institutions for example the FDA and HIPAA.

Legal compliance and ethical practices

Most of the approaches which address confidentiality of data are dependent on the type of data itself. Wild Wood apartments deals with the following types of data

1. Personal data: Each individual data is termed as personal data and it one can be identified only with that data. Data cannot be shared without the tenant’s consent.

2. Confidential data: This includes information that is business related and the payment information which must also be kept confidential amongst the tenants

3. Sensitive personal data: This is consisting of data that is related to a tenant’s ethnic origin, race, and should also be kept confidential amongst the tenants. (Belangia, 2015)

Ethical Practices

Standards to ensure ethical data operations

To guarantee that the operations related to the organization are in line with the ethics or not, the first step should be to properly define the operation of data in an organization. Once the process of data operation has been clearly defined, then an audit must be conducted to detect if there is any sort of deviation in the whole procedure. Below are some of the best record maintenance practices that should be followed while outlining the procedure of operating data;

· Must be thorough and complete: As an organization, there is need to perform timely checks on the records to see if they are updated because if the data is regarded incomplete then it might cause a lot of misinterpretation hence leading to inconsistency in the data.

· Safe storage: There is a need to ensure that data is safely stored. The system should be able to answer the questions that might arise concerning verification, clinical and other practical implications.

· Archive: Data should be archived in the best way possible to facilitate future retrieval in case it is required. Based on my project, the apartment complex data might need to retrieve details concerning rental and payment information for future use. Archived data can also be used to fulfil legal requirements arising from any errors in finances.

· As per my project: if a manager at the headquarter makes any changes to the maintenance fees then any adjustments that are made should be documented and they should give a reason for this while the audit is being carried out. If any discrepancies are discovered, then they should be dealt with in the most ethical way.

· Audit: In order to review all the data that has been input into the system, a continuous and detailed audit should be carried out by the supervisors to ease processing of data by the data entry team. During the audit, error log verification must be carried out to verify transactions that have been rejected to ensure that is no data loss (Belangia, 2015). For my project there is a data audit should be carried out from time to time so that we can limit the errors that might occur during data entry of managers for example fat fingers.

Security needs of the solution

In the previous milestone of my project, I chose the manager’s level of every complex and the relevant requirements and operational procedures for each manager. Each manager’s responsibilities include maintaining the repairs, costs, expenses rent and lease details that are in line with their performances. Each manager of an apartment complex has been granted access to the tenants’ personal and financial information. The managers have also been granted access to the vendors that carry out maintenance in the apartment. The code of ethics documentation must be properly outlined for the managers and they should read and adhere to what it requires (Fowler, 2016).

Corporate resources must not be used for any individual use and this should be prohibited. These managers must be trained and should be aware of all the data security related topics especially because it is importance of providing information concerning the ethical behavior of employees. It was also seen that most of these employees don’t undergo this technical training hence having unethical and unprofessional behaviors. Therefore, ethical and proper legal training must be provided to improve on an individual’s state of mind. Apart from the training, each manager is required to undergo a background verification check to prevent the violations that might have occurred in the past and to prevent any misuse of corporate assets (Howarth, 2014).

Database Security Management Plan

For the security management, a clear and concise plan must be developed for rapid action to be undertaken to make it easy to resolve issues that have been identified. For scenarios where there is damage or loss of data, it means that data was not well cared for. Unauthorized access of the central database is a major security risk when it comes to this project. Other forms of breach that might occur include unauthorized access of maintenance cost records and rental payment information etc. It would greatly aid the system users if a list containing contact information of who deals with these security issues was set aside so as for people to easily reach out to them in case any breach was to occur (Fowler, 2016).

The organization should also come up with an inventory of systems that have hosts, access and can process sensitive data. There is needing to properly maintain the system inventory for each database that has been used across the organization and to establish the sensitive data in the databases. Must be prepared which can access, hosts and process the data which I sensitive.

For smooth operation of the system, vulnerability scans should be performed to help the IT support to detect any intrusion in the system. There is also needing to identify, evaluate and to rectify all the system’s vulnerabilities in each layer for example the network server that exposes the database in most scenarios. The system owners should also implement the least privileges policy that consists of the identification of user entitlements and the enforcement of access controls within the system. There should be a limit to the access privileges that are issued to employees that is enough to help them get work done. The database should be closely monitored for any deviations.