The second layer is to deploy encryption and other security solutions centrally. Having a browser-based management console makes it easier to administer encryption keys, provision server endpoints, securely manage key groups and report on access to keys. Administrator roles can also be divided into key, system, and audit management functions for separation of duties for ease of management.
Reducing Sensitive Data Exposure
Limiting the distribution of and access to sensitive data is a well understood security principle. What has changed, however, is the realisation that much tighter controls on access to sensitive data can be put in place without adversely impacting business operations. The goal is to reduce the attack surface by stopping the unnecessary proliferation of sensitive data beyond the boundaries of the consolidated database. The proliferation could be in the form of poorly designed applications that display sensitive data, copies of production data transferred to test and development environments, or shared with business partners. Regardless of the proliferation path, overexposure of sensitive data makes it easier for data breaches and other access violations to take place and go undetected.
Redaction is the process of scrubbing out data. In applications, data redaction provides selective, on-the-fly redaction of sensitive data in query results prior to display by applications. When application data is stored inside a database, it will be possible to consistently redact database columns across different application modules accessing the same data. Data redaction minimises changes to applications because it does not alter actual data in internal database buffers, caches, or storage and it preserves the original data type and formatting when transformed data is returned to the application. Additionally, data redaction has no impact on database operational activities such as backup and restore, upgrade and patch, and high availability clusters.
When sharing sensitive data, it is important to mask data before it is moved. In development and test environments, data is moved from production to non-production environments where there is a risk of irreversibly replacing the original sensitive data with fictitious data so that data can be safely shared with IT developers or business partners. Here, application integrity should be preserved by maintaining data relationships across application tables. Having an end-to-end, automated, centralized library with out-of-the-box mask formats will help CIOs to more effectively conceal different types of sensitive data.
Locating and cataloging sensitive data is also important. In fact, knowing where your sensitive data reside is an important first step in deploying a defense in depth security model. While this can be a complicated challenge, having a tool to facilitate the process of locating sensitive data within an application and applying security controls on that data can help provide detailed lists of sensitive data for each application. Businesses could also choose to deploy tools that monitor the configuration of sensitive databases which generally provides out-of-the-box policy checks that can be easily run against existing database and custom configuration checks.
Sign up for CIO Asia eNewsletters.