Interest in security has been running high for a few years now, reinforced by the arrival of little treats like the Mydoom worm.

And as you would expect, the industry has reacted by delivering a slew of products designed to address specific security needs. This column has spotlighted many of the intriguing new offerings, everything from devices designed to combat worms to storage security appliances and boxes that fend off reconnaissance efforts.

But most of these and other security tools are focused on external threats, and many sit at the network perimeter. IPLocks, a privately funded company that was founded in January 2002 and launched its first product that June, says the greatest threat comes from company insiders and the most vulnerable target is intellectual property - finance data, customer information, human resource records, etc. - stored in databases.

To bolster that claim, IPLocks - short for Intellectual Property Locks - points to the 2003 Computer Security Institute/FBI survey. That survey of 251 companies shows that about half of computer crime is done by employees and that the most costly type is theft of proprietary information. The companies suffered a combined loss of $70 million.

IPLocks' answer is the Database Security Audit System (DSAS), an external, non-intrusive device that can be used to assess and monitor - read only - DB2, SQL, Oracle and Sybase databases. One DSAS can support multiple data stores.

When it is set up, DSAS "looks for configuration issues and concerns, identifies potential problems so they can be fixed, and then establishes a baseline for continuous monitoring," says Trish Schaefer Reilly, senior marketing manager at IPLocks. When monitoring, DSAS is "looking for security policy violations, malicious or suspicious or unintentional acts, data corruption, and information theft," she says.

She calls it a learn-and-guard process. It might take three to four weeks for the tool to learn corporate behavior, and policies can be fined-tuned, but after that if DSAS sees something change that looks fishy, it alerts designated personnel. "You want to know who is viewing your data, who is coming in, what they are looking at, what is going on," Reilly says.

DSAS consists of modules for data inspection, reporting, archiving and alerting. The User Behavior Monitor, for example, detects anomalous or malicious access pattern usage.

Whitepapers

• Gene Kim's Practical Steps to Mitigate Virtualization Security Risks
• Selecting Effective Virtual Directories
• A Modern Approach to On-Demand Email and Data Security
• Best Practices for HP Servers and HP Enterprise Virtual Array in a Microsoft Exchange
• Compliance, Protection, Recovery: A Layered Approach to Laptop Security
• Endpoint Security: Data Protection for IT, Freedom for Laptop Users

View more SECURITY whitepapers

Webcasts

• Key Considerations for a Successful 802.11n Deployment
• Solutions to the Toughest IT Challenges in Remote Offices
• Lowering the Cost of Email Archives
• High Availability for SQL Server 2005 Using Array-Based Replication and Host-Based Mirroring Technologies
• Technical Overview of Exchange Server 2007 with HP Servers and Storage
• Bringing Order and Security to your Mobile Workforce: Corporate Mobility Policy and Device Management On-Demand

View more SECURITY webcasts

Special Reports

• The Evolution of Network Security
• Taking Virtualization Up a Notch
• Learn how to Keep your Mobile Workforce Connected
• The self-managed network

View more SECURITY special reports