This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.
Data security is today a more complex challenge than ever. From bringing your own devices to work to customized apps and more, every new innovation has in itself created new loopholes for exploitation. Throw in a more connected society than before, with both consumers and businesses accessing all sorts of information on the go, and you get the perfect set-up for hackers and data criminals to thrive in.
Indeed, we are living in an increasingly dangerous world of hackers, insider threats, organised crime, and other groups intent on stealing valuable data. Information targeted for attack has included citizen data, intellectual property, financial information, government data, competitive bids, and online transaction and credit card fraud. Attack methodologies include hacking of privileged user accounts, exploitation of application vulnerabilities, media theft, and other sophisticated attacks collectively known as Advanced Persistent Threats (APTs).
Nevertheless, Singapore has made some significant strides towards protecting consumers and businesses from data theft. IDA's National Cyber Security Masterplan 2018 continues to reinforce Singapore's cyber security by intensifying efforts in the Government and nation's critical infocomm infrastructure as well as businesses and individuals, to engender a secure and resilient infocomm environment and a vibrant cyber security ecosystem.
That being said, the number and type of threats are ever increasing, and CIOs still need a way to ensure that they can comprehensively detect and/or prevent all threats. Many of the data breach investigation reports suggest that most breached records came from compromised database servers. This is where database security is especially important. Security and compliance require a defense-in-depth, multi-layered security model that includes preventive, detective, and administrative controls.
These are some key areas where organisations should take added steps to ensure their database is secure, along with the proposed solutions:
Preventing Database Bypass
Database bypass threats target operating system files and backup media. Targeting these locations simplifies the job of the attacker: no database access is required, fewer audit records (if any) are generated, and any associated database and application access controls are completely bypassed. One of the most widely used technologies to protect against database bypass threats is encryption.
There are two layers to this solution. The first is to implement Transparent Data Encryption (TDE) and data redaction capabilities, vital to protecting sensitive application data. TDE is easy to deploy and helps prevent unauthorized access to sensitive information via direct access to the operating system, backup media or database exports. Sensitive data such as credit card information or ID numbers can be automatically encrypted in storage.
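A check a defender can run to confirm that storage-level encryption actually covers datafiles, backups and exports: the added example below (not from the original article or any vendor) reads a database file straight from disk, with no database login, and reports Luhn-valid card-number patterns still present in plaintext. SQLite stands in for the database; the file, table and function names are assumptions, and the sample rows are constructed.

```python
import os
import re
import sqlite3
import tempfile
from pathlib import Path

# Runs of 13-19 ASCII digits: the length range of payment card numbers.
PAN_RE = re.compile(rb"(?<!\d)\d{13,19}(?!\d)")

def luhn_ok(digits: bytes) -> bool:
    """Luhn checksum, used to discard digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = ch - 48  # ASCII digit -> int
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def scan_raw_file(path: str) -> list[tuple[int, str]]:
    """Return (byte offset, masked number) for each Luhn-valid digit run
    found in the raw bytes of a datafile, backup or export."""
    data = Path(path).read_bytes()  # whole-file read; stream large datafiles
    hits = []
    for m in PAN_RE.finditer(data):
        if luhn_ok(m.group()):
            pan = m.group().decode()
            masked = pan[:6] + "*" * (len(pan) - 10) + pan[-4:]
            hits.append((m.start(), masked))
    return hits

def build_sample_db(card_value) -> str:
    """Write a one-row SQLite file (constructed data) and return its path."""
    path = os.path.join(tempfile.mkdtemp(), "customers.db")
    con = sqlite3.connect(path)
    con.execute("CREATE TABLE customers (name TEXT, card)")
    con.execute("INSERT INTO customers VALUES (?, ?)",
                ("Constructed Customer", card_value))
    con.commit()
    con.close()
    return path

if __name__ == "__main__":
    # 4111111111111111 is a widely used test number, not a real card.
    print("plaintext column:", scan_raw_file(build_sample_db("4111111111111111")))
    # Constructed opaque bytes standing in for an encrypted value;
    # no real encryption is performed in this example.
    print("opaque column:   ", scan_raw_file(build_sample_db(bytes(range(200, 216)))))
```

Any hit on a file that is supposed to be encrypted means the data can still be read without going through the database's access controls or audit trail.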