Symantec to protect databases

High-profile security breaches have revealed the vulnerability of information held in large databases.

With data security breaches on the rise, Symantec is moving to protect the databases where organizations store their most valuable information. Reports of intruders gaining access to customer information at major financial institutions and regulatory mandates to protect user privacy are driving efforts to provide better protection for databases.

Officials at Symantec Research Labs are poised to transfer a new database auditing and security appliance to the product side of the company. No date has been set for commercial release of the Symantec Database Audit and Security product, but the company has tested the appliance at several user sites, officials said last month during a press briefing.

More than 130 data breaches were reported last year and more than 57 million records were affected, said Gerry Egan, Symantec Research Labs’ group product manager. Traditional security devices, from database auditing to network-based intrusion detection, will not stop or protect against insider abuse such as database administrators with access rights or hacked application servers, Egan said.

Symantec’s security appliance sits in front of database clusters or servers and monitors traffic. “It sees everything going into the database” and reports on activity to security administrators in real time, Egan said. The appliance will offer auditing and fraud-detection capabilities, and it will detect unauthorized transfers of information from the database, a process known as extrusion detection, Egan said.

Several companies offer similar capabilities, including Application Security Inc. (AppSecInc), Guardium, Incache and Lumigent.

“As the market grows, it’s no surprise to see larger vendors get involved,” said Ted Julian, vice president of strategy at AppSecInc, which offers vulnerability assessment and intrusion detection.

“We’ve learned at the network layer and general host [systems] there is no silver bullet” for database security, Julian said. But real-time monitoring of databases is “one leg on the stool.”

Vulnerability assessment or scanning is crucial for revealing which systems need protection, he added. One AppSecInc customer, a large organization, did not know about an Oracle database on its network until after security administrators completed a vulnerability assessment scan, Julian said.

The other leg is encryption, which is especially important at the database level. No one has put all three legs on the stool, Julian said. But he gives Symantec credit for attempting to secure databases. It requires knowledge of how a database functions and an understanding of the threats that are unique to that environment, he said.

Architecturally speaking, “there are many ways to skin the cat” when it comes to database protection, said Pete Lindstrom, director of research at Spire Security. There are trade-offs between network-based and host-based security, so it is best to incorporate both approaches, he added.

Featured

  • Defense
    The U.S. Army Corps of Engineers and the National Geospatial-Intelligence Agency (NGA) reveal concept renderings for the Next NGA West (N2W) campus from the design-build team McCarthy HITT winning proposal. The entirety of the campus is anticipated to be operational in 2025.

    How NGA is tackling interoperability challenges

    Mark Munsell, the National Geospatial-Intelligence Agency’s CTO, talks about talent shortages and how the agency is working to get more unclassified data.

  • Veterans Affairs
    Veterans Affairs CIO Jim Gfrerer speaks at an Oct. 10 FCW event (Photo credit: Troy K. Schneider)

    VA's pivot to agile

    With 10 months on the job, Veterans Affairs CIO Jim Gfrerer is pushing his organization toward a culture of constant delivery.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.