Symantec to protect databases

High-profile security breaches have revealed the vulnerability of information held in large databases.

With data security breaches on the rise, Symantec is moving to protect the databases where organizations store their most valuable information. Reports of intruders gaining access to customer information at major financial institutions and regulatory mandates to protect user privacy are driving efforts to provide better protection for databases.

Officials at Symantec Research Labs are poised to transfer a new database auditing and security appliance to the product side of the company. No date has been set for commercial release of the Symantec Database Audit and Security product, but the company has tested the appliance at several user sites, officials said last month during a press briefing.

More than 130 data breaches were reported last year and more than 57 million records were affected, said Gerry Egan, Symantec Research Labs’ group product manager. Traditional security devices, from database auditing to network-based intrusion detection, will not stop or protect against insider abuse such as database administrators with access rights or hacked application servers, Egan said.

Symantec’s security appliance sits in front of database clusters or servers and monitors traffic. “It sees everything going into the database” and reports on activity to security administrators in real time, Egan said. The appliance will offer auditing and fraud-detection capabilities, and it will detect unauthorized transfers of information from the database, a process known as extrusion detection, Egan said.

Several companies offer similar capabilities, including Application Security Inc. (AppSecInc), Guardium, Incache and Lumigent.

“As the market grows, it’s no surprise to see larger vendors get involved,” said Ted Julian, vice president of strategy at AppSecInc, which offers vulnerability assessment and intrusion detection.

“We’ve learned at the network layer and general host [systems] there is no silver bullet” for database security, Julian said. But real-time monitoring of databases is “one leg on the stool.”

Vulnerability assessment or scanning is crucial for revealing which systems need protection, he added. One AppSecInc customer, a large organization, did not know about an Oracle database on its network until after security administrators completed a vulnerability assessment scan, Julian said.

The other leg is encryption, which is especially important at the database level. No one has put all three legs on the stool, Julian said. But he gives Symantec credit for attempting to secure databases. It requires knowledge of how a database functions and an understanding of the threats that are unique to that environment, he said.

Architecturally speaking, “there are many ways to skin the cat” when it comes to database protection, said Pete Lindstrom, director of research at Spire Security. There are trade-offs between network-based and host-based security, so it is best to incorporate both approaches, he added.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.