[The following is excerpted from "What Every Database Administrator Should Know About Security," a new report posted this week on Dark Reading's Database Security Tech Center.]
To say that there is friction between security professionals and database administrators (DBAs) is putting it mildly.
Database administrators are both the caretakers of database platforms and the managers of data. Very seldom are they also security experts. In many enterprises, the DBA and the security team find themselves at odds because the DBA is judged on availability and ease of use, not security. Yet the security team advocates controls that restrict access, add complexity and slow database performance. That’s not a recipe for keeping end users happy, and DBAs tend to bear the brunt of criticism.