Network Computingwww.networkcomputing.com

Rolling Review Introduction: Extrusion-Prevention Systems

Posted by John H. Sawyer on March 16, 2007

Tags: Application Security,  Crossroads Systems,  Guardium,  IPLocks,  Imperva,  Microsoft,  Oracle,  Pyn Logic,  SQL,  Symantec,  Tizor Systems,  Transparency Software,  data extraction,  data privacy,  database,  database attacks,  extrusion detection,  extrusion prevention,  monitoring,  policy enforcement,  Access and Authentication,  Antivirus,  Benchmarks,  Credit Union,  Data Encryption,  Data Networking & Management,  Data Protection,  Data Security,  Data Security ,  Database Management Services,  Database Technology and Applications,  Enclosures,  Enterprise Management,  Firewalls,  Hotspots,  Intrusion Detection and Prevention,  Java,  Linux,  Other,  Remote Access Software,  Rolling Review,  Security Standards,  Security and Privacy,  Servers,  Servers & Storage,  Software,  Software and Web Development,  Technology,  User Interface,  VPNs ,  WLAN Security,  Windows,  Wireless

Channel: Data Protection, Networking & Mgmt, Other, Servers & Storage, Wireless

Customer lists, sales figures, R&D, credit-card numbers ... the list of data you absolutely do not want public gets longer all the time. So why do most organizations choose databases to fit the needs of other applications, say, ERP systems, rather than focusing on security? Even if impenetrability was a selling point, you likely found out all too quickly that the database vendor's security model didn't mesh with your real-world network infrastructure.

It's one of those situations that make security pros weep while vendors feel lucky all the way to the bank. The database-security market, including database encryption, auditing, assessment and monitoring, is worth $600 million now, according to Forrester, and will likely exceed $1 billion by 2009. A chunk of that will go to database extrusion detection/prevention. The capabilities of these products vary, but the core premise is that they track user activity and alert you to bad behavior. A small number go further, peremptorily blocking potential thefts before a data leak can occur. Which level of protection is right for your enterprise depends on the ramifications of unauthorized disclosure versus shutting down a legitimate user query.

Impact Assessment Click to enlarge in another window

Another wrinkle: In the good old days, databases were exploited through actual database-software vulnerabilities. Now they're likely to be abused through poorly written Web apps--hey, it's easier to keep a single browser updated than maintain 20 different client applications. If something can become Web-based, it likely will, and that includes the conduits to databases full of sensitive information.