Summary: With attacks and internal data theft increasing, organizations need to increase the security of their databases beyond traditional methods, by especially those that contain private data. This can be done by developing a security policy which is a framework of control mechanisms for authentication, authorization and access control mechanisms to enforce role separation, database auditing, monitoring, network and data encryption, data masking based on site needs and environment. organization. To develop a high-quality security strategy, detailed knowledge and understanding of database control mechanisms is necessary. The main objective of this article is therefore to give a detailed description of the security mechanisms available until today and to build a security strategy according to the needs and environment of the organization. Using the acquired knowledge, a working prototype which is a security strategy is designed, developed and evaluated for an organization according to the described scenario which contains the challenges or threats and the current security mechanisms used in the organization. Finally, a security strategy is developed that can help the organization protect its information assets and private data from internal and external attacks. Introduction: Databases contain sensitive and important information about an organization. The fundamental element of any organization is to protect those information resources that support the organization's critical operations from unauthorized access, modification or disclosure. The organization's main threat is protecting its gigabytes of data from the prying eyes of outsiders and unauthorized insiders. attempt to override their authority. ...... middle of paper ...... managed to introduce changes into the database, they were spotted as intruders in the following command. The results of detection latency and performance overhead are mentioned both under normal conditions and under high load conditions. The author finally concluded that “the detection coverage was 100%, if we consider the sequence of orders inside the transaction in reality” [Fonseca, 2008]. Research Limitations: The proposed mechanism for the online detection technique of malicious data access only applies to users who execute ad hoc queries, which can be considered as a limitation of the article. Relation to your article: Simultaneous detection of malicious data access capabilities in the DBMS will provide an additional layer for the security mechanism used. This mechanism can provide another layer of security in the security strategy which is the main focus of my article..