Best Practice for Enterprise Database Encryption Solutions
6 Pages
Posted: 3 Oct 2006
Date Written: September 2006
Abstract
New business models rely on open networks with multiple access points to conduct business in real time, driving down costs and improving response times to revenue-generating opportunities. By leveraging the ability to quickly exchange critical information and improve their competitive position, enterprises are introducing new vulnerabilities that can be exploited to gain unauthorized access to sensitive information. Furthermore, the insider threat is now considered by many to represent the greatest risk to enterprise resources. This article will review best practices with real-world solutions to protect the confidentiality and integrity of your database. Operational hurdles will be examined, such as multiple database deployments and heterogeneous environments. New solutions are presented that save money by displacing multiple point solutions, are easy to implement, scalable, and require no application changes. These sophisticated, integrated multi-tier solutions for application and data assurance combine the strengths of database encryption, auditing controls and business activity monitoring. Although most DBMS security requirements will be met by native DBMS features, many DBMSes do not offer a comprehensive set of advanced security options; notably, many DBMSes do not have security assessment, intrusion detection and prevention, data-in-motion encryption, and intelligent auditing capabilities. DBMSes are not intelligent when it comes to security: for example, if a user has privileges, the DBMS does not stop the user or even determine why he or she might be trying to query the schema repeatedly or trying to access all private data. What if the user is a hacker or a disgruntled employee?
Keywords: Performance, Database Security, Encryption, Privacy, VISA CISP, GLBA, HIPAA, PCI
JEL Classification: O31