Security is not just some product that you can buy off the shelf and that’s it, you’re secure. According to Noel Yuhanna, a principal analyst at Forrester Research, a secure database is a matter of process, not technology, which is why a plan is so important. Forrester recommends the following five steps, which was taken from eWeek:
El informe comentado resalta algo conocido, que Monster evidentemente recuerda: According to Forrester Research, 80 percent of companies lack even the most basic database security plan.
1) Monitoring -- Automated monitoring tools are important because of the sheer volume of activity going on with many databases, making it impossible for someone to do it without automation.
2) Vulnerability Assessment -- Data needs to be rated according to it’s significance, and the more important it is, the better it needs to be protected. According to Forrester’s Yuhanna, “Once you classify the data, then you build a policy around it.”
3) Data Masking -- Many think you need to keep the data off the database from the very beginning. Smart users actually hide important data by overlaying false values, so the applications can continue to work normally and the important data is never exposed.
4) Encryption -- We all know how important data encryption is, but encryption still comes with what seems to be more challenges than solutions. But while encryption can be difficult to implement, encrypting key data is critical to good security practices, and also an essential element of HIPAA and PCI regulations.5) Auditing -- Very simply, security is an ongoing process, and frequent auditing will keep a company on it’s security toes and hopefully keep it out of the data-breach news.
5) Auditing -- Very simply, security is an ongoing process, and frequent auditing will keep a company on it’s security toes and hopefully keep it out of the data-breach news.