- 4chan hell raisers finding fame brings heat?
- The 10 dumbest mistakes network managers make
- NetApp quits bidding war in face of EMC opposition
- CompuServe closes after 30 years
- Google to launch open-source Chrome OS this year
When you enter your credit card information into a Web form, you can take comfort in the reassuring padlock icon on your browser. Peek behind the vendor’s network perimeter, though, and you might lose some sleep.
Although companies assure us that transactions are protected in transit by the “military grade” encryption offered by Secure Sockets Layer, once the data pass behind the companies’ perimeter it is often protected by much weaker security, if at all. Last week in Florida, a spammer was indicted on 139 counts for reportedly stealing 8.2G bytes of personal data from a company that stores information on “virtually every adult in the U.S.” The digital heist was reportedly perpetrated using a legitimate username and password acquired while working for a company contracted by the victim.
Information protection in the data center is critical to the overall security of a company’s data. Computer-crime statistics show that the majority of computer security breaches (80%, according to a CSI/FBI 2003 Survey - see link below) are committed by insiders, yet data centers are filled with unprotected sensitive data.
One of the greatest risks comes from information sitting in databases, where it can be stolen en masse and at leisure. Unlike data in transit, which is fleeting and requires sophisticated “eavesdropping,” data in databases is often accessible by a wide range of systems and users: Web servers, back-up systems, database administrators and data-entry personnel. Although all databases provide access control, it is often difficult to apply and maintain these security measures consistently. Guardium and Ingrian are two vendors that are addressing this problem from two different angles.
Guardium’s SQL Guard security appliance can be placed on a network segment next to a database server to monitor all database queries. Although similar products have existed for performance monitoring, SQL Guard focuses on securing database access. As a monitor it can examine each database query to identify the who, when, what and where of each access request. After monitoring “normal” access for a while, administrators of the appliance can define a baseline policy and be alerted to “exceptions” that may indicate foul play. Furthermore, if the appliance is placed in-line (in front of the database) it can also perform access control and actively block queries that deviate from the policy.
The Leader in Network Knowledge
Partner Content
Explore the Ultrium Edge
The powerful tape technology can address data security with tape encryption as well as long term data protection.
Find Out More
Disk and Tape Square Off
Discover what disk and tape really cost and which solution provides lower total cost of ownership and optimizes energy use for your organization
Download this White Paper
Don't Fall for the Myths
The Clipper Group explores the truth behind the myths of tape, digging into the misconceptions in the disk vs. tape debate.
Review this information
information examination
An examination of information security issues, methods and securing data with LTO-4 tape drive encryption
Read this analysis
Comment