Opens a new window
Your databases are more important than ever. Modern enterprises increasingly depend on their databases to deliver the information they need — quickly, reliably, securely, and in compliance. Aberdeen’s research and analysis highlights the relevance of five common-sense capabilities for keeping your database secure and compliant.
- Assess Your Risk: Clearly, this includes an ongoing assessment of the threats, vulnerabilities, and potential exploits that could impact your most valuable / sensitive data. This activity will likely identify important technical considerations such as access privileges, configurations, data protections, and monitoring — but it must also incorporate the equally important business considerations of “how likely†and “how much impact.â€
- Manage Access: Post-mortem analysis of confirmed data breaches consistently shows that a high percentage involve the compromise or misuse of privileged access (e.g., sa for SQL servers, SSH keys for remote logins, and embedded passwords in scripts, databases, and applications). Proactively managing and rotating these credentials can have a large and positive effect on disrupting the attacker lifecycle — e.g., by preventing data breaches from occurring, or by containing a data breach that has already begun.
- Address Development and Testing: Your development and testing teams need realistic data, but these activities can cause disruptions to functionality, availability, and performance that are unwelcome in your production environment. Valuable or regulated data can be masked in a way that allows your data to be used in support of development and testing environments, while also reducing the risk of data breaches or disruptions.
- Protect Your Crown Jewels: The risk of a data breach, along with the requirements of regulatory compliance, continues to motivate organization to expand their use of database encryption — such that even if the encrypted data is compromised, it’s still not accessible to unauthorized parties.
- Monitor Activity: Monitoring database activities helps to provide your organization with the visibility and insight needed to distinguish between what’s normal and what’s anomalous. These capabilities can help you to detect and prevent data breaches from occurring — as well as to determine what data was accessed, when and by whom, to address auditing and reporting requirements.
Opens a new window
Aberdeen Strategy & ResearchOpens a new window , a division of Spiceworks Ziff DavisOpens a new window , with over three decades of experience in independent, credible market research, helps illuminate market realities and inform business strategies. Our fact-based, unbiased, and outcome-centric research approach provides insights on technology, customer management, and business operations, to inspire critical thinking and ignite data-driven business actions.