Before you lose something precious, govern your data.
Your company doesn't have to fall victim to a sinister SQL injection attack for its sensitive corporate or customer information to come pouring out of a database. Shoddy data governance can do as much to poke a hole in a data store as sloppy data input validation.
It's the CISO's job to balance the business need that data be available and shared with partners, suppliers and customers, while putting controls in place to fend off trusted insiders and malicious outsiders--and appease auditors. All the while, data grows in near immeasurable volumes and is accessible via many avenues on the Internet and corporate extranets. Adding to the stress is the often routine practice of replicating databases for backup, high availability and--too often--for development. Their content is accessed and stored by myriad applications, partners and customers, sometimes in ways you don't appreciate or even suspect.
In short, data lives everywhere, and security constantly tries to keep up with a moving target.
 |
|
||||
Requires Free Membership to View
SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!
Michael S. Mimoso, Editorial Director
|
|
|||||
|
|
|
|
|||
| ||||||
|
|
|
|
|||
|
More information from SearchSecurity.com
Check out Bitpipe's database security whitepaper library. |
||||||
| ||||||
|
|
|
|
|||
| ||||||
| ||||||
Whether your company is built on a strong foundation of data governance and intelligent risk management, or has been forced to "do something" because of PCI, Sarbanes-Oxley, HIPAA, SB 1386 or other regulatory mandates, it's obvious that the cost of weak data security is greater than the implementation of strong controls. Here are the top database security challenges facing corporations today, and guidance on how to meet them.
This was first published in October 2006