- FBI warns Hit Man e-mail scammer back
- 20 tech habits to improve your life
- Industry mourns slain Cisco exec
- 10 Firefox add-ons for better browsing
- Wireless LANs face scaling challenges
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
When you enter your credit card information into a Web form, you can take comfort in the reassuring padlock icon on your browser. Peek behind the vendor’s network perimeter, though, and you might lose some sleep.
Although companies assure us that transactions are protected in transit by the “military grade” encryption offered by Secure Sockets Layer, once the data pass behind the companies’ perimeter it is often protected by much weaker security, if at all. Last week in Florida, a spammer was indicted on 139 counts for reportedly stealing 8.2G bytes of personal data from a company that stores information on “virtually every adult in the U.S.” The digital heist was reportedly perpetrated using a legitimate username and password acquired while working for a company contracted by the victim.
Information protection in the data center is critical to the overall security of a company’s data. Computer-crime statistics show that the majority of computer security breaches (80%, according to a CSI/FBI 2003 Survey - see link below) are committed by insiders, yet data centers are filled with unprotected sensitive data.
One of the greatest risks comes from information sitting in databases, where it can be stolen en masse and at leisure. Unlike data in transit, which is fleeting and requires sophisticated “eavesdropping,” data in databases is often accessible by a wide range of systems and users: Web servers, back-up systems, database administrators and data-entry personnel. Although all databases provide access control, it is often difficult to apply and maintain these security measures consistently. Guardium and Ingrian are two vendors that are addressing this problem from two different angles.
Guardium’s SQL Guard security appliance can be placed on a network segment next to a database server to monitor all database queries. Although similar products have existed for performance monitoring, SQL Guard focuses on securing database access. As a monitor it can examine each database query to identify the who, when, what and where of each access request. After monitoring “normal” access for a while, administrators of the appliance can define a baseline policy and be alerted to “exceptions” that may indicate foul play. Furthermore, if the appliance is placed in-line (in front of the database) it can also perform access control and actively block queries that deviate from the policy.
Rss FeedRss Feed
Aging network systems and old habits have dictated how businesses spend their IT budgets. As a...
Implementing HA at the Enterprise Data Center Edge to Connect to a Large Number of Branch OfficesThis paper reviews the problem of creating a network where the dynamic availability of services is...
Enterprise Data Center Network Reference ArchitectureUsing a High Performance Network Backbone to Meet the Requirements of the Modern Enterprise Data...
The standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Harnessing the power of communications to increase workplace performanceDue to the convergence of IT and telecommunications technologies, the business workplace has been...
Stay out of the headlines: Detecting and preventing network intrusionsHow do YOU stay out of the headlines? There is no denying that risk exists in our computer-driven...
Discover how Software as a Service is the economical alternative to expensive on-site software,...
IT Buyer's Guide To: Data backup and ReplicationLearn the latest on Data backup software tools that allow professionals to safekeep their data...
Bringing IT Operations Management to Open Source and BeyondLearn how to cost effectively and efficiently manage your open source environment in this...
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Explore the Ultrium Edge
The powerful tape technology can address data security with tape encryption as well as long term data protection.
Find out more
Disk and Tape Square Off
Discover what disk and tape really cost -- and which solution provides lower total cost of ownership and optimizes energy use for your organization
Download the White Paper
Don't Fall For The Myths
The Clipper Group explores the truth behind the myths of tape, digging into the misconceptions in the disk vs. tape debate.
Download the White Paper
Will You Add Tape Too?
Over two thirds of disk-only users look to add tape back into storage infrastructure according to recent survey.
Download Survey Information
Comment