Complexity for Simple information
In the complex modern world of ICT, there is nothing that is more important to your business than the data that resides within it, whether it be a person’s name, date of birth or even their credit card details. The database is the location where all these things are stored.
Today’s applications are built on databases, whether it be relational databases (SQL, Oracle etc) or flat file databases (MySQL, InnoDB etc) these databases are varied in their complexity, although the data that resides within them is extremely important.
Securing databases is not as simple as it seems, you need to balance the security controls you have to access the database, the people who have the ability to mine the data, how the data is stored at rest and what applications can interrogate it.
There is one common element across all these areas: Know who and what is accessing the data…
Whilst there are heaps of things related to building layered databases and database schema structures, these are for a later article, we want to take a step back and assume these are in place.
So how do you work out who/what is accessing the database?
The most important thing to first realise is that there are numerous different applications that may be accessing the database every day. Do you know what they are accessing? How can you think about securing your data without knowing what is accessing it? The first step to your database security requirements is to start monitoring your database.
Monitoring the database assists in numerous areas for both external and internal security requirements.
1) Allows you to know what applications need access to.
2) Understand what data is residing in the database that needs to be masked.
3) Understand what DBA’s and admins are doing to the database.
4) Allows for greater development and increased performance.
So how do you monitor your database? There are operational tools that vendors provide, although they only deal with the database. These tools however don’t deal with database security, they don’t take account of the application, access requirements or encryption at rest.
From a security perspective, this is just not enough. You need:
– Database activity monitoring tool that links into your overall Security monitoring.
– Data obfuscation tools (preferably with encryption options at column level).
– Access controls at the database level.
IBM Guardium Analyser is a centralised Database Monitoring tool that assists organisations in understanding who/what is accessing the data within the database, in addition, it allows you to build compliance controls to assist in the protection and encryption of the data, assess the risk and allow for a clear picture of the users and applications utilising and adding data to your databases.
Feel free to contact us to understand how IBM Guardium may assist you in building an appropriate database security posture that aligns to your security management framework.