This is an interesting question, particularly when organizations are driven by regulatory compliance requirements,...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
such as Gramm-Leach-Bliley, HIPAA, and SOX, to demand more advanced security features to protect their most valuable assets -- their data. Database Management Systems (DBMS) can differ greatly. They range from small membership lists that run on personal computers to systems that run on mainframes, such as flight reservation systems. Before I talk about what you should expect to see from DBMS vendors, I will quickly review what protection is pertinent to a DBMS. Comprehensive DBMS security requires an end-to-end approach. It encompasses encryption, security assessment and auditing, intrusion detection and prevention, and is supported by policies and procedures that will minimize the risk and impact of malicious attacks. Databases also need support from proper backup protection and patch management procedures. Network-based applications should use data encryption for sensitive data both at rest and in transit, while protected by a network architecture that provides defense-in-depth.
Although Oracle continues to lead database security solutions, many DBMS products only offer basic security features and do not provide the capability to harden the database environment. Most advanced security functions are provided by smaller, specialized vendors, who focus on addressing functional gaps. To achieve comprehensive DBMS security, you should look at a combination of products. A good starting point is Application Security's product suite atwww.appsecinc.com, which, according to Forrester Research, offers the most comprehensive database security solution, covering data-at-rest encryption, assessment, auditing, and intrusion detection and prevention.
Looking ahead, as DBMS vendors add new security features and the specialized DBMS security vendors continue to set the pace, innovations in DBMS security will make it worthwhile to keep abreast of the developments.
Dig Deeper on Database Security Management
Related Q&A from Michael Cobb
The Android Trojan Triada has the ability to replace a device's system functions with its own. Expert Michael Cobb explains how to mitigate the ...continue reading
An old Java vulnerability was discovered to have been ineffectually patched. Expert Michael Cobb explains how this happened and what can be done to ...continue reading
Google's Certificate Transparency tool publicly logs certificates issued by CAs. Expert Michael Cobb explains how the log viewer works to improve ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.