Latest Security News and Articles
Computer-Security-Software- Download the latest in PC Security Software.
PC Monitoring Software for Parents!
Spyware Removal Software!
Latest Security News and Articles!
Latest Security News & Articles
Get up and stay up to date with the latest in Computer Security News! Check out Articles written by security experts!
Security Software Categories!
Newsletter Registration!
Opt In for "The Secure PC Newsletter" where we cover the latest in Computer Security Software. Your email willl only be used for this newsletter we will not use it for any other purpose. NO SPAM!!
Search this site!
Search:

sitemap

Computer Security Software > Daily Articles

Protecting Critical Database Information. The nation's fastest growing crime: Identity theft.


08/08/2005

(ContentDesk) August 8, 2005 -- A survey conducted by the Computer Security Institute disclosed that most databases experience some kind of security breach every year; and these add up to average annual losses of about $4 million. A staggering 70% of them are by internal employees, and more than 95% of intrusions result in financial losses. Given this state of affairs, one wonders how important database security is; as opposed to other forms of network security. 90% of sensitive information is contained in databases; and protecting them from unauthorized access is critical. Among all security technologies such as network-layer firewalls, network monitoring, SSL secured communications, operating systems and application hardening, data protection technologies need to be extremely robust, for databases can be the point of maximum vulnerability.Many firms make back up tapes of all data in a 24 hour period to be stored in an off-site location.

Chances that such a tape could fall into wrong hand and misused are high. Data encryption is a solution in this case. Deploying cryptographically enforced access control to information ensures that only authorized personnel have access to the data. Even IT department employees and DBAs do not need access to encryption keys. However, the database security system should be application transparent – meaning there should be no need to make changes to underlying applications.A data security system must be capable of establishing a secure audit trail for tracking and reporting activity around sensitive data.

Fast performance, ease-of-implementation, scalability across applications are other concerns.Data security is now mandated by government legislation and industry regulations. Audit committees are stringent about protecting customer related information and corporate sensitive data. Proper access control, selective encryption of stored data, separation of duties and centralized independent audit functions are some requirements for protecting non-public personal information. GBLA (Gramm-Leach-Bliley Act) compliance is required of financial institutions, which states that they implement suitable access and security controls. Non-compliance can lead to severe regulatory fines and CEOs and directors can be held personally responsible and legally liable.Application transparent encryption technologies can be implemented as fast as one to three days with negligible performance considerations.

Separating responsibilities of access to sensitive information between the security officer and the database administrator ensures further efficacy of these technologies. Valuable database security information is available on website such as http://www.itinfosecure.com to help information technology professionals choosing the right security product. A key strategy for companies to enhance their reputation, profitability and overall well-being is to ensure data-protection.It has ceased to be the responsibility of the IT department alone - it is linked to the very survival of an organization.

 

 




Computer Security Home | Link Resources | Contact | Newsletter | Free Satellite TV | Computer Security News |
© Computer-Security-Software.net 2010. All rights reserved.