Database activity monitoring: intrusion detection & security auditing
The most effective database security practice, defense-in-depth, employs multiple layers of protection to reduce the risk of intrusion, which include vulnerability assessment and intrusion detection/security auditing. Protecting an organization's sensitive data encompasses more than a set of permissions. The first layer of defense should always be along the network perimeter, which is typically protected by a firewall. However, while perimeter security is necessary, it is no longer sufficient. It is unreasonable to believe attackers cannot get behind, through, or around any firewall due to the dependent and interconnected nature of networks. It is necessary to start thinking about securing your organization's database with layers - not only at the perimeter, but also at the source of the data as well. You must consider a layered defense when protecting your data.
At net-security.bitpipe.com, free registration required.
[ Read more ]