Database Intrusion Detection System
Database intrusion protection system for large enterprises who struggle to secure their databases amid increasing zero-day threats and mounting regulatory and compliance requirements.
Databases by nature are required to store a large amount of highly sensitive business critical information. This is not limited to just company employees or business activity but also confidential customer information. This information is required to be accessed by a large number of people at varying times. The challenge to any business is how to allow authorised activities in an easy and efficient manner whilst ensuring unauthorised activities are prohibited.
Security Auditing is a review and examination of data processing system records and activities to test for adequacy of system controls. This helps to ensure compliance with an organisations established security policy and operational procedures to detect breaches in security.
Following on from this a continuous assessment of the security policy and procedures to ensure that you are compliant with new standards or protected against the latest threats. Database Intrusion Detection/Security Auditing is a method of monitoring and responding to an attack when it occurs on or around the database. Depending on the severity of the activity, it will also allow you to manage the response to a valid yet potentially malicious activity. In a worst case scenario, should an attack on the database occur you will be alerted on the activity and be better enabled to counter with a quicker response before your database can be thoroughly exploited and your sensitive data compromised. In addition you will also want to locate and fix the hole through which the attackers came through.
As the theft of critical and sensitive data becomes more high profile and more commonplace increasingly stringent legislation and standards are being implemented throughout the world such as Sarbanes-Oxley (SOX), PCIDSS, Basel II and The European Union Data Protection Directive to ensure that confidentiality and integrity of sensitive information is maintained.