According to one recent Forrester study, 80 percent of data security breaches involve insiders, employees or those with internal access to an organization, putting information at risk. The big challenge for companies today – particularly as email and the Internet make sharing and distributing corporate information easier than ever - is to strike the right balance between providing workers with appropriate access and protecting sensitive information as much as possible. For example, database users traditionally are assigned a database administrator (DBA) role or granted multiple system privileges. As well, DBAs enjoy unbridled system access in order to manage companies’ IT infrastructure 24/7 and to respond to emergency situations.
As companies continue to consolidate databases and streamline operations to maximize both efficiency and the protection of data from external threats, this user- and role-based security model no longer complies with “need-to-know” security best-practices. Nor does the model meet SOX or PIPEDA regulatory requirements for adequate protection of data privacy. Today, to help ensure the safety, integrity and privacy of corporate information, more companies are pursuing a comprehensive, multi-factored security approach.
A multi-factored security modelWhat exactly is a multi-factored security approach? Simply put, this approach is built on the defense-in-depth principle, which introduces multiple mechanisms to augment the traditional user and role security model. That means controls, restrictions and boundaries are set up so that even employees with database access privileges cannot freely use, alter or export sensitive information.
These mechanisms can be grouped into four categories: realms, rules, roles and policies.
RealmsRealms are established to encapsulate within a protection zone an existing application or set of database objects. One advantage of a consolidated database is the elimination of information silos and increased economies of scale. At the same time, however, information contained within a single database may require different levels of protection. By segmenting a database into mini-virtual private databases, employees can gain access only to the information that is pertinent to their jobs. Companies, in turn, can conveniently monitor and control the use of sensitive information and retrieve data usage records for auditing as required.
RulesRules further restrict operations based upon specific requirements and needs. This is accomplished using environmental or domain-specific decision factors such as database, machine, IP addresses, time-of-day and authentication modes. For example, an organization can prevent an administrator from making changes to a database system from outside of the corporate intranet or when working outside of normal business hours.
Such rules are becoming more crucial as employees increasingly require remote access to corporate information. Organizations cannot control the security standards of external networks, so the best defense is to restrict select information traffic over pre-approved IP addresses.
RolesAs companies adjust their organizational structure to meet new or rapidly evolving business needs, they need to ensure that employee access to information complies with their specific roles and responsibilities. For example, for large enterprises, the role of database administration and security administration should ideally be separated. Not only should database administrators have limited or no access to sensitive information that is irrelevant to their duties, such as employees’ personal records, security administrators need to be empowered to restrict such access, according to corporate security policy.
At the same time, a security administrator and a database administrator can share the responsibility of managing sensitive information. Tools need to be in place so that the security administrator can prevent the database administrator from intentionally or accidentally altering or destroying data assets.
System PoliciesThe schema of a database defines the structure and the type of contents that each data element within the structure can contain. Thanks to new database security technologies, restrictions can now be set by security administrators to prevent employees with access to sensitive information from modifying the schema. By separating the schema and data management within a database system, the policy further supports the separation of duties principle, allowing DBAs to perform their database management duties while leaving the security administrator to protect the database infrastructure.
Striking a correct and efficient balance between employees’ needs, corporate security policies and required workflow practices is often a moving target. Changing business needs, evolving technologies, emerging regulations and shifting economic pressures exert a real and constant impact on every organization. Success in business is about change and for that reason, a multi-factored security model, supported by comprehensive policies and the appropriate technologies, is increasingly being seen today as the best defense that an enterprise can deploy to protect itself and its reputation.