Still About The Data
The recent focus on external compliance issues has reinforced the view that protecting customer data is essential to your enterprise's health. Vendors have stepped up with products that attempt to detect, control and report about access to all of those databases you didn't know were out there (and yes, you do have them). On the surface, these products may seem superfluous: All major databases control access to specific tables and columns and generate logs that tell you who's doing what. But that built-in access control is very programmatic, rights-oriented protection, and its logging is not intuitive and subject to tampering.
Database extrusion detection products by vendors such as Application Security and Imperva attempt to watch for common access violations. Why is the Southeastern U.S. sales rep dumping the entire Pacific Rim customer list? Why is that Web application server suddenly requesting 25 customer records at a time, instead of one? Add to this the increasing capability of these products to map internal user names to a Web application that normally uses a generic database login, and you've got a powerful tool that will find all known and unknown locations of your data, tell you who's requesting what through applications, and monitor for anomalies. These tools are a powerful addition to your arsenal, and will help you keep critical data in the hands of legitimate business users.
In addition, placing the application on an appliance that watches network protocols to determine activity, or copying and footprinting database logs, will make it difficult for malicious insiders to cover their tracks by tampering with log files. We're excited about this technology--it keeps your eyes on the important stuff. The few employees who may commit insider data theft will get tagged. The vast majority who are just trying to do their jobs will rarely notice the system. And people with legitimate business reasons for generating abnormal database activity can quickly explain their actions.
Monday Morning Quarterback
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
There are many network courses that can address your present job's priorities and help you gain the needed skills to keep pace with industry changes and new technologies.
