I had a client recently who refused to put any money into securing his system.
Despite my multiple suggestions, he said it was unnecessary because he trusts all his guys.
It’s a critical system, that could actually get his business shut down if the data is wrong.
It’s a great system that saves him countless hours of tracking down paperwork, but it’s only going to be great as long as nobody messes with it, whether intentionally or even accidentally.
All it takes is one disgruntled employee to start messing with old data. Change a couple older records today that you won’t notice.
And a couple more tomorrow.
Over a span of months, you have a serious problem.
Backups won’t help at that point. You won’t know when the data manipulation started to happen, and restoring a backup from before that point means you’ve lost all your data since then.
Better safe than sorry.
Trust (your employees), but verify.
One second… I’m trying to think of other clichés I could use here…
But seriously, it’s a small investment up front to avoid a disaster later.
It will take time to put security in place, but it’s far less than the time it takes to fix a corrupted database.
I am a computer programmer specializing in building database software with ASP.NET MVC, C#, and SQL Server.