Securing data in the digital age
Sudha Iyer looks at some common practices and offers advice for resellers
Iyer: The channel adds real value through a unified approach to security and compliance
Databases may contain customer credit card information, financial data and intellectual property so large and sophisticated predators are keen to crack them open.
The security industry has been failing to adequately protect confidential records. There is a huge black market for personal data. We have heard that bank account details sell for 5 to 10 per cent of the account value and credit card data can sell for up to £30 per account.
The channel must not let the hen guard the chicken coop. Resellers should encourage their customers to put database activity monitoring in the hands of independent information security professionals.
Insider threat also cannot be ignored. Unfortunately, in most organisations privileged database access is granted in excess and poorly managed. Developers and external consultants often have too-easy access to sensitive information and the database itself is difficult to lock down.
On the plus side, database-stored data is subject to compliance stipulations such as privileged user monitoring, audit trails and reporting and keeping patches up to date.
Theoretically, most organisations should cover the database as part of their overall governance and compliance strategy. Most often, they don’t. Several industry research polls claimed recently that 90 per cent of database vulnerabilities go unpatched.
The database is basically a one-stop shop for valuable information. Resolutions must be actionable in real time to detect, alert and prevent.
A solution that allows for separating duties – where the database administrator manages the database and any access to data is fully monitored by a third party, such as an info security team, is what we recommend.
Serious consideration should also be given to third-party access points and data encryption. In short, harden the infrastructure. Apply vendor security patches as quickly as possible (use virtual patching if it can’t be done qu ickly enough), and use strong passwords.
Change all default usernames and passwords. Ensure that client databases aren’t overloaded. The security solution should have little or no impact on database performance. Develop response capabilities such as automated breach prevention capabilities, and prepare a rapid response plan in case of a breach. Isolate and mitigate all incidents.
The channel can add real value to a customer by providing infrastructure services and differentiate themselves by folding in compliance and security reports and alerts from their most valuable assets – databases. They can present a truly unified approach to security, covering all information assets in a corporate network. This is a hot area of security right now, and can be made even more so if the channel can add customised services over the products themselves.
Sudha Iyer is director of product management at LogLogic