Steven is always a good read.
Assessing Threats, Vulnerabilities, and Risks to FileMaker Pro Databases
Posted by Steven H. Blackwell, 05 June 2013 · 331 views
Assessing Threats, Vulnerabilities, and Risks to
FileMaker® Pro Databases
Hosted FileMaker Pro databases are susceptible to unauthorized access, manipulation, destruction, and other forms of compromise. Developers and server administrators need to understand how to assess threats and the risks of those risk’s occurring as various threat agents seek to exploit vulnerabilities.
This process starts with an understanding of the environment where the databases operate. We have a variety of digital assets that we must seek to protect. Nowadays, for the most part, the assets we are most concerned about are the hosted databases and the information in them.. We need to be able to protect the Confidentiality, Integrity, and Availability (CIA) of those digital assets.
When a breach of CIA occurs there will be an impact on the digital asset. Understanding and predicting the level of that impact is an important aspect of the assessment we must make. We can generally classify the level of impact into one of four categories:
1. Limited Adverse Impact
2. Serious Adverse Impact
3. Severe Adverse Impact
4. Catastrophic Adverse Impact
The targets of that impact are the people, the assets, the operations, and the reputation of the organization that owns the asset whose CIA is breached. The same event, e.g. a breach of Confidentiality of the asset, may have very different levels of impact on each different target. Likewise, on the same target, a breach of Integrity may have a far more adverse impact than a breach of Confidentiality would.
via Assessing Threats, Vulnerabilities, and Risks to FileMaker Pro Databases – FMForums.