Dark Reading
Protect The Business - Enable Access
 |
Data security and privacy: A holistic approach Download here |
How To Defend Your Database From Malicious Insiders
The biggest threat to your sensitive information might be those who are authorized to access it. Here are some tips on how to defend your organization By Adrian Lane, Contributing WriterThe insider threat is by no means the only—or, for some firms, even the principal—danger to data. However, when it comes to databases, the techniques used by external hackers will result in exactly the same behavior as that of a rogue insider. Likewise, the methods used to detect an attack and limit damage are essentially the same, regardless of where the attack originates.
Where things get tricky is that insider threat protection has the dual responsibility of protecting data while minimizing the impact on legitimate data access. And make no mistake: The value of data to a company increases as more people can use that data. Access makes users’ jobs easier and improves the quality of their work. Data is valuable in use. It’s why companies invest so much time and money in IT systems—to make it easy for trusted employees to access information as they need it.
But, unfortunately, an open-door policy for data access means insiders and outsiders are likely to take whatever they want. And it’s not just credit card numbers and personally identifiable information (PII), but company financials, sales data, and intellectual property that are easily leveraged for gain.
Fortunately, the strategies for minimizing damage from credentialed users are straightforward: isolate user access to narrow sets of data; gate data access based on specific business conditions; and monitor usage.
The first two strategies are all about ensuring that the right users access the right data, and that users have access only to the data necessary to do their jobs. User roles should be segregated to narrow the scope of resources available, and each user should be uniquely identified so you can determine who did what when.
These user controls must be augmented with data controls, further limiting access to data depending on the attributes associated with any given user session. These steps set conditions that limit what any given user can access, reducing damage that can result from an attack. Think of these as the black-and-white boundaries between approved and unapproved access.
The final strategy, database monitoring, addresses the gray area between static access controls. Monitoring provides the capability to forensically identify misuse and proactively detect a data breach when valid permissions are abused. By closely examining user actions, security pros can more effectively determine whether users’ intentions are malicious. Monitoring is how we sniff out suspicious—yet technically approved—access.
To get a detailed explanation of how to implement these strategies in your organization -- and to get an in-depth description of the technologies that support them -- download the full report on protecting databases from malicious insiders.
Have a comment on this story? Please click "Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.
 |
To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy. |
Subscribe to RSSDatabase Security Reports
Securing The Data Warehouse
Many enterprises are building data warehouses to centralize the ever-increasing information flowing through their organizations into useful repositories. This makes good business sense, but it opens up a slew of concerns from a security standpoint. IT professionals can apply many of the same security best practices used with databases, but there are new lessons to be learned as well.
Defend Your Data From Malicious Insiders
The biggest threat to your company?s most sensitive data may be the employee who has legitimate access to corporate databases but less-than-legitimate intentions. And while the incidence of insider data breaches has decreased, external attacks often imitate them--and do serious damage. Follow our advice to mitigate the risk.
Ensuring Secure Database Access
Role-based access control based on least user privilege is one of the most effective ways to prevent the compromise of corporate data. But proper provisioning is a growing challenging, due to the proliferation of "big data," NoSQLdatabases, and cloud-based data storage.
Other reports from the Database Security Tech Center:
- Stop SQL Injection: Don't Let Thieves in Through Your Web Apps
- Database Breaches: Lessons Learned From Real-World Attacks
- The Long Arm Of Database Security
- DB2 Gets Safer: IBM Makes Security a Priority
- Database Security: Oracle Offers New Tools to Counter Threats
- You've Been Breached: Responding to a Database Compromise
- Beyond the Database: Protecting Unstructured Data
- Protecting Databases from Web Applications
- Database Activity Monitoring: Emerging Technology Keeps Tabs on Assets
- SQL Injection: A Major Threat to Data Security
- Protecting Your Databases From Careless End Users
- A Database Administrator's Guide to Security
- Why Your Databases Are Vulnerable To Attack - And What You Can Do About It
Related Content
| Sponsored by: |  |
Establishing a Strategy for Database Security is No Longer Optional
As databases continue to grow in size, complexity and importance, enterprises struggle to identify the most appropriate controls regarding their use and misuse. The report identifies best practices, including: Implementing database activity monitoring to mitigate the high levels of risk from database vulnerabilities, and address audit findings in areas such as database segregation of duties and change management; using data security measures, such as data masking and data encryption; and monitoring privileged-user access and access to critical data.
Database Activity Monitoring Is Evolving Into Database Audit and Protection
In this report, Gartner writes that "Database audit and protection (DAP) represents an evolutionary advance in database activity monitoring tools." DAP suites provide comprehensive, cross-platform support in heterogeneous database environments to protect sensitive data from inappropriate use. Organizations are increasingly concerned with optimizing database security and mitigating risks associated with database vulnerabilities.
Protecting Against Database Attacks and Insider Threats: Top 5 Scenarios
Data security presents a multi-dimensional challenge in today's complex IT environment. Multiple access paths and permission levels have resulted in a broad array of security threats and vulnerabilities. We invite you to read this new eBook: "Protecting against database attacks and insider threats" to learn the top five scenarios and essential best practices for preventing database attacks and insider threats.
Demo: Distributed Database Security with Real-time Monitoring and Audit Protection
Organizations across the globe continue to experience compromised data caused by malicious attacks, web application vulnerabilities or unauthorized changes. View this demo and learn how IBM InfoSphere Guardium? database activity monitoring can help protect your sensitive data in distributed DBMS environments with a holistic approach to data security and compliance.
Look Beyond Native Database Auditing To Improve Security, Audit Visibility, And Real-Time Protection
Today's attacks on enterprise databases are more sophisticated than ever, and they occur so fast that it's often difficult to stop them in real time. Despite significant efforts to protect enterprise databases, the number of records breached has grown each year - due to all types of internal and external attacks and violations of corporate policy.
Database Security Newsfeed
- Cyber-Ark Partners With Carahsoft To Deliver IT Security Solutions To Government Sector
- Guidance Software Launches Encas App Central
- Varonis Research Uncovers What IT Security Wants Most From Big Data
- Check Point Report: More Than Half Of Targeted Attacks Driven By Financial Fraud
- Veracode Infographic On Cybersecurity Risks In Public Companies
- Digital Defense Identifies Vulnerability On Epicor Software Interface
MORE NEWSFEED >>>
- Entering the Scrum: Taking the First Steps on Your Agile Journey
- Powering your Business with IBM's New 2s General Purpose Servers
- High-Frequency Trading: The Good, The Bad and The Ugly
- How to Build a Next-Generation Big Data Architecture
- Insurance Workforce Optimization: How To Work Smarter To Benefit Your Customers, Employees and the Bottom Line
- IDC white paper: Delivering an Integrated Infrastructure for the Cloud
- Using storage to extend the benefits of virtualization and iSCSI
- TDWI Monograph Series: Seven Keys to High-Performance Data Management for Advanced Analytics
- Gartner Research Picking the Right Server Type to Solve Your Data Center Space, Power and Heat Problems
- Evaluator Group: HP's Converged Storage A Vision for Emerging Customer Requirements
