With today’s increasingly public use of private information, protecting data resources from security breaches is absolutely crucial. Multiple regulations from organizations like the Payment Card Industry (PCI) mandate that companies in possession of personally identifiable information (PII) protect it from unauthorized access and use.
GreenSQL recently polled IT professionals about the measures they take to prevent developers, QA, DBAs, consultants, outsourced employees, suppliers and application users from having access to sensitive data. The results were surprising:
- 65% take no preventative measures
- 23% use masking techniques only in non-production environments, such as dummy data and scrambling. However, these solutions are expensive, complex and require custom development; moreover, these solutions are not transferrable to other projects.
- 12% deploy dynamic data masking solutions on their production environments.
GreenSQL's Dynamic data masking (DDM) solution applies rules to enforce access, making sure those who need to access certain parts of the sensitive data have it and those who shouldn’t see anything, won’t. It ensures that the data never leaves the database in its original form, preventing information theft. DDM allows real-time masking of sensitive data with no impact on the stored data itself and requires no change in the application’s code.
“Databases are high-quality targets for those engaged in industrial espionage. Many organizations are still vulnerable, which is especially troubling after so many recent attacks. We hope this survey will help companies sit up and take notice of the gaps in their systems and close them." concludes Sadeh.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.