|
(PRIORITIES2008) data protection
Data breach notification laws, industry standards such as the Payment Card Industry Data Security Standard, and privacy regulations such as HIPAA are driving interest in data protection, industry experts say. International data privacy laws also play a role, says Eric Ouellet, a research vice president at Gartner.
In the past, companies put a lot of effort into securing data in transit, but now are making database security a priority, experts say. Securing databases involves making sure they're properly set up with strong access controls so only authorized people can obtain the data, and implementing tools that permit fine-grained data extraction, says Jonathan Gossels, CEO of consultancy SystemExperts.
"The best way to protect your data is to keep control over it, and if you're going to extract some to perform analysis, extract only that information you need," he says.
About 31 percent of readers say they will evaluate database encryption tools, while nearly 30 percent plan to take a look at software-based encryption and about 29 percent will re...
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
view hardware-based.
Paul Stamp, principal analyst at Forrester Research, says encryption addresses multiple concerns companies have, from meeting mandates such as PCI and preventing employees from accessing data they shouldn't, to protecting data when it leaves their premises on a tape or a laptop.
"Encryption is a good way to mitigate those types of worries," he says.
With all the news stories of data loss due to missing or stolen backup tapes, Citizens Bank makes sure to encrypt its backups. "That's been a huge focus," says IT manager and secu- rity officer Dennis Weiskircher Jr. "Our offsite facility is only 15 miles away, but that's still 15 miles where data is traveling."
Another area of concern for companies is preventing employees from accidentally leaking or stealing sensitive data via email or by copying it onto a removable storage device. Data leak prevention products will be evaluated by 35 percent of the readers surveyed.
"Information leak protection really holds some promise, but it's got to be part of a wider information lifecycle management issue," Stamp says.
|
 |
|
