Symantec to protect databases

High-profile security breaches have revealed the vulnerability of information held in large databases.

With data security breaches on the rise, Symantec is moving to protect the databases where organizations store their most valuable information. Reports of intruders gaining access to customer information at major financial institutions and regulatory mandates to protect user privacy are driving efforts to provide better protection for databases.

Officials at Symantec Research Labs are poised to transfer a new database auditing and security appliance to the product side of the company. No date has been set for commercial release of the Symantec Database Audit and Security product, but the company has tested the appliance at several user sites, officials said last month during a press briefing.

More than 130 data breaches were reported last year and more than 57 million records were affected, said Gerry Egan, Symantec Research Labs’ group product manager. Traditional security devices, from database auditing to network-based intrusion detection, will not stop or protect against insider abuse such as database administrators with access rights or hacked application servers, Egan said.

Symantec’s security appliance sits in front of database clusters or servers and monitors traffic. “It sees everything going into the database” and reports on activity to security administrators in real time, Egan said. The appliance will offer auditing and fraud-detection capabilities, and it will detect unauthorized transfers of information from the database, a process known as extrusion detection, Egan said.

Several companies offer similar capabilities, including Application Security Inc. (AppSecInc), Guardium, Incache and Lumigent.

“As the market grows, it’s no surprise to see larger vendors get involved,” said Ted Julian, vice president of strategy at AppSecInc, which offers vulnerability assessment and intrusion detection.

“We’ve learned at the network layer and general host [systems] there is no silver bullet” for database security, Julian said. But real-time monitoring of databases is “one leg on the stool.”

Vulnerability assessment or scanning is crucial for revealing which systems need protection, he added. One AppSecInc customer, a large organization, did not know about an Oracle database on its network until after security administrators completed a vulnerability assessment scan, Julian said.

The other leg is encryption, which is especially important at the database level. No one has put all three legs on the stool, Julian said. But he gives Symantec credit for attempting to secure databases. It requires knowledge of how a database functions and an understanding of the threats that are unique to that environment, he said.

Architecturally speaking, “there are many ways to skin the cat” when it comes to database protection, said Pete Lindstrom, director of research at Spire Security. There are trade-offs between network-based and host-based security, so it is best to incorporate both approaches, he added.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • Social network, census

    5 predictions for federal IT in 2017

    As the Trump team takes control, here's what the tech community can expect.

  • Rep. Gerald Connolly

    Connolly warns on workforce changes

    The ranking member of the House Oversight Committee's Government Operations panel warns that Congress will look to legislate changes to the federal workforce.

  • President Donald J. Trump delivers his inaugural address

    How will Trump lead on tech?

    The businessman turned reality star turned U.S. president clearly has mastered Twitter, but what will his administration mean for broader technology issues?

  • Login.gov moving ahead

    The bid to establish a single login for accessing government services is moving again on the last full day of the Obama presidency.

  • Shutterstock image (by Jirsak): customer care, relationship management, and leadership concept.

    Obama wraps up security clearance reforms

    In a last-minute executive order, President Obama institutes structural reforms to the security clearance process designed to create a more unified system across government agencies.

  • Shutterstock image: breached lock.

    What cyber can learn from counterterrorism

    The U.S. has to look at its experience in developing post-9/11 counterterrorism policies to inform efforts to formalize cybersecurity policies, says a senior official.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group