Independent Survey On Database Security Reveals Link Between Privileged Users, Breaches

Aberdeen Group reports that best-in-class organizations that implement internal controls suffer fewer data loss incidents

December 10, 2008

2 Min Read


REDWOOD SHORES, Calif., Dec. 10, 2008 " Imperva, the leader in application data security, today announced that key findings in a new independent benchmark report conducted by Aberdeen Group reveal that monitoring privileged database users significantly reduces data loss. In a newly published survey report of more than 120 enterprises entitled 'Protecing the Database: When (Most of) the Eggs are in One Basket,' Of the Best-in-Class organizations surveyed by Aberdeen, two thirds reported that they:

Monitor database administrator activities Enforce separation of duties for database administrators Block database activities that are in violation of established policies

In comparison, less than one third of organizations ranked as Laggards in the survey monitor privileged insiders.

Organizations with Best-in-Class performance at protecting the database enjoyed substantial year-over-year advantages over those with lagging performance, including:

8% fewer incidents of data loss or data exposure related to database security 10% fewer audit deficiencies related to database security

"In this study, respondents estimated that databases are the repository for nearly two-thirds of their sensitive data, so it's no surprise that the results show organizations that monitor privileged user activity suffer fewer data losses," said Derek E. Brink, vice president and research fellow for IT Security, Aberdeen. "The payoff for monitoring insiders can be significant from several perspectives, including security, risk management, compliance and cost."

"This Aberdeen report establishes and quantifies the risk organizations are taking by not monitoring the actions of privileged insiders, as well as the payback for companies that implement database activity monitoring," said Mark Kraynak, senior director of strategic marketing for Imperva. "Unlike native database auditing mechanisms, a database monitoring product like Imperva SecureSphere cannot be turned off by a privileged user or database administrator to cover up illicit activities."

To download a complimentary copy of the report 'Protecing the Database: When (Most of) the Eggs are in One Basket' please visit:

About Imperva Imperva, the leader in application data security, delivers activity monitoring, real-time protection, and risk management solutions for business applications and data. Imperva's practical solutions provide full visibility into sensitive data, database and application access, enabling granular control and maintenance of critical data. Over 4500 of the world's leading enterprises and government organizations in over 35 countries rely on Imperva's automated, scalable and business-relevant solutions to prevent data theft, data abuse and ensure data integrity. For more information, visit

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights