• Like
Sådan undgår du misbrug af kundedata og fortrolig information
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Sådan undgår du misbrug af kundedata og fortrolig information

  • 525 views
Published

Brian Flasck - .Sådan undgår du misbrug af kundedata og fortrolig information. …

Brian Flasck - .Sådan undgår du misbrug af kundedata og fortrolig information.
Se mere på http://www.smarterbusiness.dk

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
525
On SlideShare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
3
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • Let’s talk about our solution!Heterogeneous support for Databases and ApplicationsS-TAP Agents lightweight cross platform support NO changes to Databases or Applications Also monitor direct access to databases by privileged users (such as SSH console access), which can’t be detected by solutions that only monitor at the switch level.Collectors handle the heavy lifting (continuous analysis, reporting and storage of audit data) reduces the impact on the database serverOur solution does not rely on log or native audit data DBAs can (sometimes have to!) turn this off Logging greatly impacts performance on the Database Server as you increase granularity!Real-time alerting – not after the factMonitor ALL Access

Transcript

  • 1. Sådan undgår du misbrug af kundedata ogfortrolig informationBrian Flasck
  • 2. Agenda• Intro to Security Intelligence from IBM• Challenges around Database Security• InfoSphere Guardium Solution• The Database Security Lifecycle• Summary
  • 3. Security Intelligence from IBM Enterprise Governance, Risk and Compliance Management IBM OpenPages Algorithmics (recent acquisition) i2 Corporation (recent acquisition) IBM Security Portfolio IT Governance Risk and Compliance Security Information Deep, custom analytics IBM Privacy, Audit and and Event Management (SPSS, Streams, Cognos) Compliance Assessment Services Security Consulting People Data Applications Infrastructure Network EndpointIdentity & Access Management Guardium AppScan EndpointSuite Database Security Source Edition Manager (BigFix) Managed Security Network Services Intrusion PreventionFederated Optim AppScan zSecureIdentity Manager Data Masking Standard Edition MainframeEnterprise Key Lifecycle Security DataPower Server and VirtualizationSingle Sign-On Manager Policy Manager Security Gateway Security X-Force Data Security Assessment Application Service Assessment Service Managed Firewall, Unified and IBM ResearchIdentity Assessment, Threat and Intrusion PenetrationDeployment and Hosting Prevention Testing ServicesServices Encryption and AppScan OnDemand Software Services DLP Deployment as a Service
  • 4. Databases are critical to any enterprise, surely they are already well-secured ?4
  • 5. • “No one group seems to own database security … This is not arecipe for strong database security” … 63% depend primarily onmanual processes” (ESG).•Security professionals and data owners need to know much morethan they currently do about their enterprises’ database activities.Many enterprises rely heavily on inadequate network and application-layer controls and perform only minimal monitoring of databases”.(Gartner)•“Most organizations (62%) cannot prevent super users from readingor tampering with sensitive information … most are unable to evendetect such incidents … only 1 out of 4 believe their data assets aresecurely configured (Independent Oracle User Group).• “The need to audit DBAs and other privileged users has grown asauditors and security groups look at nailing down sensitive data.”(Forrester Research) 5
  • 6. 2009 Data BreachInvestigations ReportA study conducted by the Verizon Business RISK teamExecutive Summary2008 will likely be remembered as a tumultuous year for corporations and consumers alike. Fear, uncertainty, and doubt seized global financial markets; corporategiants toppled with alarming regularity; and many who previously lived in abundance found providing for just the essentials to be difficult. Among the headlines ofeconomic woes came reports of some of the largest data breaches in history. These events served as a reminder that, in addition to our markets, the safety andsecurity of our information could not be assumed either.The 2009 Data Breach Investigations Report (DBIR) covers this chaotic period in history from the viewpoint of our forensic investigators. The 90 confirmed breacheswithin our 2008 caseload encompass an astounding 285 million compromised records. These records have a compelling story to tell, and the pages of this report arededicated to relaying it. As with last year, our goal is that the data and analysis presented in this report prove helpful to the planning and security efforts of our readers. http://www.verizonbusiness.com/resources/security/reports/2009_databreach_rp.pdf6
  • 7. 2009 Data Breach Report from Verizon RISK Team http://www.verizonbusiness.com/resources/security/reports/2009_databreach_rp.pdf
  • 8. How and When are Security Breaches Discovered?
  • 9. Why is there not more “intelligence” around database security and compliance?9
  • 10. The Traditional Approach – Use Native Logging within the DBMS × Lack visibility and granularity  Privileged users difficult to monitor  Anomalies are rarely detected in time × Inefficient and costly  Database performance is impacted  Manual processes require valuable resources × Provide little value to the business  Logs are complicated to inspect  Vulnerabilities go undetected × No segregation of duties  Privileged users can bypass the system  Audit trail can be modified
  • 11. The Intelligent Approach - Real-Time Database Security & Monitoring DB2 Microsoft SQL ServerPrivileged Users• 100% visibility including local DBA access • Granular policies, monitoring & auditing providing the Who, What, When & How• No DBMS or application changes • Real-time, policy-based alerting• Minimal impact on DB performance • Can stores between 3-6 months worth of audit data• Enforces separation of duties with tamper-proof audit on the appliance itself and integrates with archiving repository systems
  • 12. Full Cycle of Securing Critical Data Infrastructure• Discover all databases, applications & • Vulnerability assessment clients • Configuration assessment• Discover sensitive data Find Assess • Behavioral assessment• Classify sensitive data into groups & & • Baselining and assign access policies to them • Configuration lock-down Classify Harden & change tracking • Encryption The Database Security Lifecycle• Centralized governance• Compliance reporting • 100% visibility• Sign-off management Audit Monitor • Policy-based actions• Automated escalations & & • Anomaly detection• Secure audit repository Report Enforce • Real-time prevention• Data mining for forensics • Granular access controls• Long-term retention 12
  • 13. Guardium - the Choice of Market Leaders CONFIDENTIAL
  • 14. Summary• Risks related to data privacy breaches have never been greater• Fine-grained monitoring of database access is the best way to protect from data being compromised• A unified and consistent approach across the database infrastructure will save time, money, and increase security• IBM Guardium continues to be the market leader because of comprehensive functionality and ease of implementation