Watch out! Is your DBA a spy?

Monday, 30 October 2006
80% of data breaches are provoked by external attacks, but this means that in 20 cases out of 100 there is the risk that the leak was caused by an employee of the affected company. These data actually represent a huge threat for companies because, according to Jerald Murphy, senior vice president and director of research operations at The Robert Frances Group, the risk that people could do illegitimate things with data they have legitimate access to is much less well contained. "Consequently, this is one of the greatest sources of data security vulnerability -- and one of the hardest to defend against -- that organizations face today."

Considering that a DBA, a database administrator, works with database management systems software and determines ways to organize and store any kind of sensitive data, he or she could make a perfect spy, copying and using for malicious purposes both corporate secrets and employee or customer personal information. Simple negligence could be enough to cause a big loss to the company, even if not purposeful: an employee with regular access to databases could download some information onto a laptop and carry it on a business trip. What if the laptop were stolen or forgotten, and consequently the data were exposed?

It isn't easy to detect such frauds, especially those provoked by internal elements, but software is now available which can help guard data from internal threats. Mr Murphy suggests encrypting the most sensitive data, paying constant attention to DBAs' movements and reviewing log files for suspicious activity. "If a DBA is doing a lot of seeks at 11 p.m., for instance, I have to wonder what he is doing." Encryption seems to be the best solution according to him; indeed, he recommends using third-party encryption utilities from vendors such as Protegrity or Ingrian Networks, because if the encryption is done by the database engine, the DBA has access to the key, and if the DBA is stealing the data, this will not stop him. On the other hand, the keys will then be stored in the database, and if they become corrupted, data recovery will be difficult.

"Third-party encryption removes the keys from the DBA's purview, allowing the separation of responsibilities between database management and security. These third-party solutions keep the keys outside the database and have sophisticated key management, making recovery simpler should the keys become corrupted."

Another important step would be to adopt extrusion solutions that intercept sensitive data on its way out of the corporate network, preventing it from crossing the corporate boundaries and notifying a designated individual, such as the corporate security officer. Among the available programs, experts suggest Vontu for e-mail, including attachments, and Fidelis Security Systems to encompass all files. "This is the opposite of a firewall, and it is important for catching the mistakes of well-meaning employees that are behind 80% of corporate data security breaches." "Best practice is to look at the total life cycle of the data -- who creates it, where it is stored, who uses it and how it is used," says Murphy. "The reality is there is no silver bullet for data protection. It is one thing to expect IT professionals to adhere to good data protection and quite another to try to get every end-user to line up behind security policy."

Security is one of the most important aspects of a company, and there is no justification for any leak. We know it, we reported it and we have repeated it many, many times... but we are not sure that these would be effective solutions. First of all, because sometimes data HAVE to be sent outside the virtual borders of a company for legitimate reasons, and secondly because we don't think that checking e-mails and controlling the logs could be a precise indicator that something is going wrong: how many people keep working until late in certain periods? Are all of them potential spies?

The truth is that we are all potential spies, and companies have to undertake countermeasures to protect themselves, and the border line between defending a company's right of protection and breaking people's right to privacy is really very thin.
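As an added illustration of the log-review step Murphy describes (this is example code written for this page, not code from the article, from The Robert Frances Group or from any vendor it names), the following Python script reads database audit log lines in an assumed pipe-separated format (timestamp, account, role, statement type, object, rows touched), keeps only read and bulk-export statements issued by privileged accounts outside business hours, and reports accounts whose off-hours read volume crosses a threshold. The sample log lines, the account names, the role labels and the business-hours window are all constructed for the example. The output is a list of review leads for a human to follow up, which matches the article's own caveat that late-night activity on its own proves nothing.

```python
"""Off-hours privileged-account read review over database audit log lines.

Assumed audit line format (constructed for this example, not a real product's):
    ISO-8601 timestamp | account | role | statement type | object | rows touched
"""
from collections import defaultdict
from datetime import datetime, time

# Constructed sample audit log. 2006-10-30 is a Monday. The late-evening burst by
# 'jsmith' (a DBA) is the pattern the article's quote about "seeks at 11 p.m."
# refers to; 'backupsvc' is a non-privileged service account doing a scheduled
# bulk read, and 'mrossi' is a DBA working normal hours.
SAMPLE_AUDIT_LOG = """\
2006-10-30T09:12:04 | jsmith    | dba | SELECT | hr.employees  | 12
2006-10-30T10:40:51 | jsmith    | dba | ALTER  | hr.employees  | 0
2006-10-30T14:03:22 | appsvc    | app | SELECT | sales.orders  | 3
2006-10-30T23:02:17 | jsmith    | dba | SELECT | hr.employees  | 48213
2006-10-30T23:05:40 | jsmith    | dba | SELECT | hr.salaries   | 48213
2006-10-30T23:09:03 | jsmith    | dba | SELECT | crm.customers | 120455
2006-10-30T23:14:55 | jsmith    | dba | COPY   | crm.customers | 120455
2006-10-30T23:30:00 | backupsvc | app | SELECT | sales.orders  | 900000
2006-10-31T08:55:10 | mrossi    | dba | SELECT | sales.orders  | 5
"""

# Assumed business-hours window; adjust to the organisation's real schedule.
BUSINESS_START = time(8, 0)
BUSINESS_END = time(19, 0)

# Statement types that move data out of the database. COPY is PostgreSQL's
# bulk export statement; other engines have equivalents (e.g. SELECT ... INTO OUTFILE).
READ_STATEMENTS = {"SELECT", "COPY"}


def parse_line(line):
    """Split one audit line into a dict with a parsed timestamp and integer row count."""
    ts, account, role, stmt, obj, rows = [field.strip() for field in line.split("|")]
    return {
        "ts": datetime.fromisoformat(ts),
        "account": account,
        "role": role,
        "stmt": stmt.upper(),
        "object": obj,
        "rows": int(rows),
    }


def is_off_hours(ts):
    """True on weekends or outside the business-hours window."""
    return ts.weekday() >= 5 or not (BUSINESS_START <= ts.time() < BUSINESS_END)


def review(log_text, row_threshold=10_000, privileged_roles=("dba",)):
    """Aggregate off-hours read activity per privileged account.

    Returns a list of findings (dicts) for accounts whose off-hours rows read
    meet row_threshold, ordered by rows read, highest first. Each finding is a
    lead for human review, not a verdict: scheduled jobs, incident response and
    genuine late work all produce the same pattern.
    """
    per_account = defaultdict(lambda: {"events": 0, "rows": 0, "objects": set()})

    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        ev = parse_line(raw)
        if ev["role"] not in privileged_roles:
            continue          # only privileged roles are in scope for this review
        if ev["stmt"] not in READ_STATEMENTS:
            continue          # DDL/DML that does not export data is ignored here
        if not is_off_hours(ev["ts"]):
            continue
        acc = per_account[ev["account"]]
        acc["events"] += 1
        acc["rows"] += ev["rows"]
        acc["objects"].add(ev["object"])

    findings = [
        {
            "account": account,
            "events": acc["events"],
            "rows": acc["rows"],
            "objects": sorted(acc["objects"]),
        }
        for account, acc in per_account.items()
        if acc["rows"] >= row_threshold
    ]
    return sorted(findings, key=lambda f: f["rows"], reverse=True)


if __name__ == "__main__":
    for finding in review(SAMPLE_AUDIT_LOG):
        print(
            f"REVIEW {finding['account']}: {finding['events']} off-hours reads, "
            f"{finding['rows']} rows, objects={', '.join(finding['objects'])}"
        )
```

Run against the sample log this reports only `jsmith` (four off-hours reads touching three objects); `backupsvc` is excluded because it is not a privileged role, and `mrossi` because the read happened in business hours. In practice the threshold should come from each account's own baseline rather than a fixed number, and the review should be combined with the key-separation and extrusion controls the article lists, since a DBA who holds the encryption key can read what the log only records as a row count.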