Linda W. Perkins

The Last Line of Defense: Protecting Your Databases from Malicious Attacks

NetIQ - March 01, 2010

Database Security: The New Priority in Data Protection

One of the most critical issues businesses face today is the ability to safeguard private data such as credit card data, social security numbers, healthcare data, and other critical information that is stored within company databases. As government regulations regarding privacy and confidential personal information tighten, corporations can no longer look at database security as optional. A security breach involving such data not only puts an enterprise’s reputation at risk, but also may initiate lawsuits and regulatory fines that can have a significant long-term financial impact on the organization.

According to a 2009 Forrester research report,1 —Database security is the last line of defense, so it deserves greater focus on the protection of private data from both internal and external attacks than IT pros have traditionally given it.‖ One of the reasons for this shifting prioritization is the need to defend against a growing number of attacks on databases, caused primarily by two issues: 1) an increased targeting of private data because of its use in other crimes, such as identity theft; and 2) databases have historically been one of the least-protected areas of the IT infrastructure, making them an attractive target.

Because of these security trends, many enterprise organizations are shifting their data protection focus away from the perimeter, and are now focused on monitoring data located within databases. This new priority, along with the need to reduce costs and maximize IT resources, is creating a greater need for a specialized and integrated solution that monitors access to these critical databases.