Example Of Article Review On Alarming Statistics

Introduction

Vulnerability of databases is a growing concern in the business world (Britt, 2007). While organizations are devising techniques to mitigate the problem of vulnerability, those who are infiltrating the databases are becoming more sophisticated in their techniques (Vizard, 2007).
In this paper we examine the possibility of exploitation due to vulnerability of cloud databases. We also present some statistics in this respect and propose solutions to the problem of vulnerability. For this purpose we have chosen an article published by INFOSEC in Data Recovery, General Security. The article lists ten threats to security and proposes solutions to counter these threats. Some statistics are presented at the end of the article. We present the statistics; summarize the said threats and solutions in the following paragraphs.
INFOSEC (2013), Databases—Vulnerabilities, Costs of Data Breaches and Countermeasures by Pierluigi Paganini, posted in data recovery, general security on August 26, 2013Retrived From http://resources.infosecinstitute.com/databases-vulnerabilities-costs-of-data-breaches-and-countermeasures/
In his article, Paganini (2013) examines the top ten threats to databases, and how the vulnerabilities are exploited to gain unauthorized access to data. A breach in data security can result in high costs to the organization. In the case of small firms this threat is magnified because of the small size of the business and its inability to sustain losses. Citing Ponemon (2013), Paganini states that the average per capita cost of one incidence of breach increased from 79 pounds to 86 pounds during 2012 and the cost is still rising.

The total organizational costs increased from 1.75 million GBP to 2.04 million GBP. This accounts for 37% of the total number of breaches. Of these malicious attacks account for an increase from malicious attacks also increased, from 31% to 34% of the total number of breaches with a per capita cost of 102 GBP. Per capita cost on account of failure of business process was 79 pounds and the cost of lost data was 76 GBP per record lost. Loss of business due to data security breaches rose from 779 thousand pounds to 921 thousand pounds between 2011 and 2012. This includes abnormal turnover, increased cost of customer acquisition, and decreased goodwill. Loss in business has doubled over the six years since 2007. Costs of detection that is costs of counsel, and monies spent in analysing the situation, increased from about 451 thousand pounds to 508 thousand pounds from 2011 to 2012.

The Threats

Paganini (2013) identifies ten main reasons for the alarming increase in database breaches and the resultant losses. These include abuse of privilege including legal abuse, elevation of privilege, misconfiguration, and injection of SQL statements in code, malicious software, Denial of Service (DOS), vulnerable communication protocols, unauthorized copying, and vulnerable backup protocol.
He recommends multi-layered security as a solution to communication protocol and privilege abuse. Privileges should be granted in moderation on a need basis in order to limit access to data in the first place. Granting unnecessary or unlimited privileges results in what Paganini calls “increase of the attack surface”. Also access should be managed at multiple levels such as database level, query level, and application level. Time of the day control is another strategy advocated by Paganini. He suggests that users be granted access at certain times of the day in order to limit and monitor their activities. Security at database level could be reduced if the databases are configured properly. Setting up patch management and limited time access through the use of patches could greatly reduce the risk of infiltration. Access control at the query level could control and greatly reduce the injections of SQL statements for unauthorized access. An overabundance of queries would result in the denial of access to legitimate users. Such a situation could be avoided if databases are properly designed and a multi-layer system of communication is adopted. Identifying the databases clearly and clearly defining access for each unit of data whether current or achieved will further serve to mitigate risks. Finally a good backup strategy will ensure easy restoration of impacted databases and loss incurred as a result of breach could be greatly reduced.

Conclusion

The article by Paganini (2013) examines the threats to the databases and suggests solutions to these threats. With the advent of cloud computing, data on demand is a fast growing need of the consumer. In order to meet his demand, analysts, designers, and programmers are designing databases and writing programs in shorter time. Because of the time constraint, often protocol is not adhered to. This results in a vulnerable system and ultimately higher costs. The need of the hour therefore is to follow proper procedure while designing information systems. The time that is seemingly wasted in analysis and design will prove a good investment in the long run.

References

Britt, P. (2007, February). Tightening Security in 2007 Information Today Retrieved March 23, 2007 from http://0search.ebscohost.com.janus.uoregon.edu:80/login.aspx?direct=true&db=buh&AN=23878734&loginpage=login.asp&site=ehost-live
Vizard, M. (2007) TIME TO GET TOUGH ON SECURITY THREATS. Baseline Retrieved April 1, 2007 from Business Source Premier Database.
Database in the field of Healthcare
Introduction
In the field of healthcare, databases serve a special requirement. Data regarding patient care is distinct from administrative data. Another category of data is in the area of education and research. Data required in these three areas of healthcare are diverse and the required outputs from analytics too are diverse. Too the facilities available at healthcare institutions are not uniform. Requirements therefore vary from institution to institution. In the following paragraphs we examine the nature of database management in healthcare with specific reference to critical care management. For this purpose we have selected an article by Greg S. Martin entitled The essential nature of healthcare databases in critical care medicine. The article published in NCBI (National Centre for Biotechnology Information) examines the needs and suggests ways in which databases may be effectively used to provide better critical care to patients (Raghupathi & Raghupathi, 2014)
Martin (2008) The essential nature of healthcare databases in critical care medicine by Greg S Martin Criti Care. 2008; 12(5): 176. Published online 2008 Sep 1. doi: 10.1186/cc6993 PMCID: PMC2592733 Retrieved From http://www.ncbi.nlm.nih.gov/pmc/articles/PMC2592733/
Martin emphasizes the vitality of healthcare data. He cites Misset et al (2008) in stating that the data in healthcare may be used for assessment of certain conditions in certain patients or it may be used to assess performance of institutions at district, state and national levels. Data may also be required with regard to prevalence of certain diseases, and differences in prevalence and nature of different diseases in different countries. Data with respect to epidemiology of disease and studying the occurrence and outcomes of specific diseases is helpful in studying trends, planning, and allocating resources for healthcare. In critical care there exist many database systems such as Acute Physiology and Chronic Health Evaluation (APACHE), Project Impact Critical Care Medicine (PICCM), Case Mix Program Database, Intensive Care National Audit and Research Centre (ICNARC), Collège des Utilisateurs de Bases de données en Réanimation (Cub-Réa), and OutcomeRea. Some success has been achieved in developing condition-specific databases such as the US National Registry of Cardiopulmonary Ressuciation, and PROGRESS registry. The purpose of many of these registries has expanded from the original intent of providing knowledge about specific diseases and conditions to including the information in research. For example the HCUP has permitted studying longitudinal trends in catheterization of the pulmonary artery; APACHE has permitted relating the hospital volume to outcomes of patients who are mechanically ventilated.
Martin also points out the limitations to using these databases with regard to quality and scope of the data. Databases are limited by their potential use. For example the HCUP database provides information about the admission, diagnosis, procedures, and cost of treatment whereas APACHE provides information about physiology and pathology. Too says Martin, the coding by two different experts on the same database is based on their interpretation of medical records. The need of the hour therefore is to develop a comprehensive database that contains accurate data. Such a database would help the critical care practitioners to better serve their patients.
Conclusion
References
Big data analytics in healthcare: promise and potential by Wullianallur Raghupathi and Viju Raghupathi Raghupathi and Raghupathi Health Information Science and Systems 2014, 2:3 http://www.hissjournal.com/content/2/1/3 Retrieved From http://www.hissjournal.com/content/pdf/2047-2501-2-3.pdf
Cloud Computing
Introduction
With the advancement in technology, more and more businesses are adopting cloud computing. Cloud computing is a new networking technology that allows users to access data from any location and from any device. The network is leased from cloud service providers (CSPs). Cloud computing or simply the cloud as it is popularly called, is highly scalable and provides seemingly unlimited storage. The two biggest advantages of cloud computing that attract businesses is its unlimited storage capacity and easy accessibility. Like every new technology, cloud computing comes with its own set of advantages and disadvantages. Say Kuyoro et al (2011) security is one of the main problems impeding the rapid growth of cloud computing. Businesses are reluctant to hand over their data to another company. The risk of breach and the idea of being dependant on the service provider for their data is what inhibits companies from adopting cloud computing.
Data security assumes greater importance in the field of healthcare. While investigating the impact of cloud computing on the healthcare industry, the Cloud Standards Customer Council advises that users of the service must have a clear understanding of the benefits accruing from and the risks associated with the technology. Selecting the service provider, the deployment model, and the data that should be stored on the cloud must be carefully thought out decisions.
In an effort to understand the security issues with respect to cloud computing, we summarize below an article by Sumit Passary of TechTimes. In this article, Passary stresses on the importance of addressing the issue of data security in cloud computing.
Cloud computing is the future but not if security problems persist By Sumit Passary, Tech Times June 15 Retrieved From http://www.techtimes.com/articles/8449/20140615/cloud-computing-is-the-future-but-not-if-security-problems-persist.htm
Sumit Passary of the Tech Times emphasizes the issue security in cloud computing. He cites Rajat Bhargava of JumpCloud as saying that when an organization does not own the network it is open to the world.
The Open Data Center Alliance, a group that owns top IT companies like Infosys, SAP and Disney, has many cloud enthusiasts as members. Members of this alliance have expressed concerns regarding the security of cloud computing. A survey showed that 80% of the Alliance members were hesitant about adopting cloud computing. A survey of the market showed that 47% of the participants were concerned about being tied to one provider. On the other hand even a giant like Amazon showed failure in 2012 when users were unable to access their data,
On a more positive note, experts say that this is the beginning and a transition stage. Providers will address the issue of security in order to expand and grow their business.
Conclusion
While the advantages of cloud computing are many, the chief among them are service on demand and unlimited & cheap storage for large volumes of data. In the healthcare industry data required is varied and often huge. Cloud computing is therefore has a definite advantage for healthcare industry. IT experts however caution users who adopt cloud computing about some of the challenges in using the technology. One of the major concerns that experts are debating is regarding the security of data. Cloud data is scaled across several networks and stored on multiple servers. Those employed with service providers have access to the data. Therefore the security of data has become a matter of concern among users of cloud. Data in the healthcare industry is highly sensitive and privacy is a big concern. Therefore while cloud computing can prove greatly advantageous in healthcare, it must be adopted with great caution.
References
Kuyoro et al (2011) Cloud Computing Security Issues and Challenges Kuyoro S. O., Ibikunle F. & Awodele O. International Journal of Computer Networks (IJCN), Volume (3) Issue (5): 2011 247, Retrieved From http://www.cscjournals.org/manuscript/Journals/IJCN/volume3/Issue5/IJCN-176.pdf
CSCC (2012), Impact of Cloud Computing on Healthcare Copyright © 2012 Cloud Standards Customer Council Retrieved From http://www.cloud-council.org/cscchealthcare110512.pdf