Data Server Security

Securing data requires a holistic and layered approach that takes into consideration the broad range of threats. This is commonly referred to as defense in depth, and requires a "security by design" approach, which espouses security as part of the core design of database environments, the supporting infrastructures and business practices around these environments. Multiple layers of security work together to provide the three ultimate objectives of security, commonly known as the CIA triad: confidentiality, integrity, and availability.

IBM understands these data security threats, and designs security features directly into its DB2® and Informix® families of data servers. Both data server families are designed with a wide range of security and auditing capabilities to help protect even the most critical data.

Table of contents

Best Practice - Data Server Security - 1. Introduction

Best Practice - Data Server Security - 2. Assessing your security needs

Best Practice - Data Server Security - 3. Threats

• Best Practice - Data Server Security - 3. Threats - 3.1. Data Threats
• Best Practice - Data Server Security - 3. Threats - 3.2. Configuration Threats
• Best Practice - Data Server Security - 3. Threats - 3.3. Audit Threats
• Best Practice - Data Server Security - 3. Threats - 3.4. Executable Threats

Best Practice - Data Server Security - 4. Recommended countermeasures

• Best Practice - Data Server Security - 4. Recommended countermeasures - 4.1. Data Threats
• Best Practice - Data Server Security - 4. Recommended countermeasures - 4.2. Recommendations on when to use Label-Based-Access-Control (LBAC)
• Best Practice - Data Server Security - 4. Recommended countermeasures - 4.3. Audit Threats
• Best Practice - Data Server Security - 4. Recommended countermeasures - 4.4. Configuration Threats
• Best Practice - Data Server Security - 4. Recommended countermeasures - 4.5. Executable Threats

Best Practice - Data Server Security - 5. Product Overviews

• Best Practice - Data Server Security - 5. Product Overviews - 5.1. IBM DB2 Version 9.5 for Linux, UNIX, and Windows
• Best Practice - Data Server Security - 5. Product Overviews - 5.2. IBM DB2 Version 9.1 for zOS
• Best Practice - Data Server Security - 5. Product Overviews - 5.3. IBM Informix Dynamic Server, Version 11
• Best Practice - Data Server Security - 5. Product Overviews - 5.4. IBM Database Encryption Expert, Version 1.1.1
• Best Practice - Data Server Security - 5. Product Overviews - 5.5. IBM Database Encryption Expert security policy overview
• Best Practice - Data Server Security - 5. Product Overviews - 5.6. IBM Optim
• Best Practice - Data Server Security - 5. Product Overviews - 5.7. IBM DB2 Audit Management Expert 1.1
• Best Practice - Data Server Security - 5. Product Overviews - 5.8. Resource Access Control Facility for zOS Security Server
• Best Practice - Data Server Security - 5. Product Overviews - 5.9. Application Transparent Transport Layer Security for zOS Communication Server

Best Practice - Data Server Security - 6. Conclusion