Symantec to protect databases

High-profile security breaches have revealed the vulnerability of information held in large databases.

With data security breaches on the rise, Symantec is moving to protect the databases where organizations store their most valuable information. Reports of intruders gaining access to customer information at major financial institutions and regulatory mandates to protect user privacy are driving efforts to provide better protection for databases.

Officials at Symantec Research Labs are poised to transfer a new database auditing and security appliance to the product side of the company. No date has been set for commercial release of the Symantec Database Audit and Security product, but the company has tested the appliance at several user sites, officials said last month during a press briefing.

More than 130 data breaches were reported last year and more than 57 million records were affected, said Gerry Egan, Symantec Research Labs’ group product manager. Traditional security devices, from database auditing to network-based intrusion detection, will not stop or protect against insider abuse such as database administrators with access rights or hacked application servers, Egan said.

Symantec’s security appliance sits in front of database clusters or servers and monitors traffic. “It sees everything going into the database” and reports on activity to security administrators in real time, Egan said. The appliance will offer auditing and fraud-detection capabilities, and it will detect unauthorized transfers of information from the database, a process known as extrusion detection, Egan said.

Several companies offer similar capabilities, including Application Security Inc. (AppSecInc), Guardium, Incache and Lumigent.

“As the market grows, it’s no surprise to see larger vendors get involved,” said Ted Julian, vice president of strategy at AppSecInc, which offers vulnerability assessment and intrusion detection.

“We’ve learned at the network layer and general host [systems] there is no silver bullet” for database security, Julian said. But real-time monitoring of databases is “one leg on the stool.”

Vulnerability assessment or scanning is crucial for revealing which systems need protection, he added. One AppSecInc customer, a large organization, did not know about an Oracle database on its network until after security administrators completed a vulnerability assessment scan, Julian said.

The other leg is encryption, which is especially important at the database level. No one has put all three legs on the stool, Julian said. But he gives Symantec credit for attempting to secure databases. It requires knowledge of how a database functions and an understanding of the threats that are unique to that environment, he said.

Architecturally speaking, “there are many ways to skin the cat” when it comes to database protection, said Pete Lindstrom, director of research at Spire Security. There are trade-offs between network-based and host-based security, so it is best to incorporate both approaches, he added.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.