In order to mitigate the risk posed by insiders, organisations should audit regularly and implement systems to flag abnormal behaviour from a user with privileged access. Imperva's User Rights Management product helps companies manage user permissions and monitor employee access. From a security standpoint, a simple 'rule' that alerts IT managers when a user accesses massive amounts of sensitive data would prevent a breach.
What can organisations in Asia do to close these gaps to reach parity with the best of the world in terms of enterprise security protection and preparedness to counter security threats and minimise risks?
The recent attacks and data breach incidents in Asia have provided a reminder for all organisations to review data security infrastructure and processes to minimise risks. Instead of focussing on external security such as purchasing a firewall or anti-virus software based on brand familiarity, organisations both large and small need to go a step further. A strong strategic partnership with the IT department and security partners like Imperva can help to ensure that internal processes are set up to protect critical assets while minimising the risk of data breaches. The release of our Hacker Intelligence Initiative (reports), Threat Advisories and blog commentaries also help organisations to stay on top of the changing security landscape.
Below are some further steps that organisations can take:-
* Improve internal data controls-enhance visibility to data access, both structured & unstructured, and, introduce capabilities to detect abusive access of data centre resources.
* Evaluate solutions for cloud data repositories-perform better due diligence of your providers.
* Ensure your security budget reflects the need for data protection at the data centre - over and above end-point and network perimeter protection.
Talk about Imperva's role in the provision of the methods and means that can help these organisations in Singapore and the rest of Asia.
The data security environment can be very unpredictable-threats are constantly evolving. This is why we are investing heavily in research and analysis. We break down the attacks that happen around the world, profile the perpetrators and offer valuable insights into what's happening behind the scenes. This helps our clients to be aware of the current trends and threats, while ensuring that our technology is ready to address them.
The Imperva SecureSphere is a comprehensive, integrated security platform that includes SecureSphere Web, Database and File security backed by the Imperva Application Defense Center, a world-class security organisation that maintains the product's cutting-edge protection against evolving threats.
Earlier this year, Imperva acquired cloud security gateway start-up Skyfence and cloud-based web application security company Incapsula, and released SecureSphere 10.5 and SecureSphere Web Application Firewall (WAF) for Amazon Web Services (AWS). The combination of these technologies further extends Imperva's comprehensive data centre security strategy across the cloud with solutions that are unmatched in the industry.
Sign up for CIO Asia eNewsletters.