Thursday, April 30, 2009

Forrester Outlines Database Security Trends in 2009
sponsored by Guardium

In its new report, Cambridge, MA-based Forrester Research examines the ever-changing database security market, including database security challenges, vendors and features. SearchOracle.com talked with Noel Yuhanna, author of the report and a Principal Analyst at Forrester Research.

Download HERE


6 Best Practices for Preventing Enterprise Data Loss
sponsored by RSA, The Security Division of EMC

Not only is the number of data thefts and losses due to security breaches continuing to grow at an alarming rate, the resulting monetary impact of these losses is also skyrocketing. So-called 'enterprise data loss' cost businesses nearly $105 billion last year, according to U.S. government estimates.

Based on more than 25 years of experience in the security industry, RSA has developed a strong understanding of the best practices that help prevent enterprise data loss. By following these best practices, companies can not only improve their ability to secure sensitive customer data, but also protect revenue, ensure customer loyalty, build brand value and meet government regulations. These best practices include:

  1. Understand what data is most sensitive to your business
  2. Know where your sensitive data resides
  3. Understand the origin and nature of your risks
  4. Select the appropriate controls based on policy, risk, and where sensitive data resides
  5. Manage security centrally
  6. Audit security to constantly improve

Download HERE

Top Ten Database Security Threats: How to Mitigate the Most Significant Database Vulnerabilities
sponsored by Imperva, Inc

The enterprise database infrastructure is subject to an overwhelming range of threats. This document is intended to help organizations deal with the most critical of those threats by providing a list of the top ten database vulnerabilities as identified by Imperva's Application Defense Center. Background information, general risk mitigation strategies, and Imperva's SecureSphere Database Security Gateway protections are provided for each threat.

Top Ten Database Security Threats

  1. Excessive Privilege Abuse
  2. Legitimate Privilege Abuse
  3. Privilege Elevation
  4. Database Platform Vulnerabilities
  5. SQL Injection
  6. Weak Audit Trail
  7. Denial of Service
  8. Database Communication Protocol Vulnerabilities
  9. Weak Authentication
  10. Backup Data Exposure

By addressing these top ten threats, organizations will meet the compliance and risk mitigation requirements of the most regulated industries in the world.

Download HERE


sponsored by Guardium

SQL injection attacks, malfeasance by insiders and regulatory requirements are driving organizations to find new ways to secure corporate and customer data stored in databases such as Oracle, Microsoft SQL Server, IBM DB2 and Sybase. To make matters worse, enterprises are typically way behind in applying database security patches that can prevent costly breaches.

Authored by Ron Ben Natan, Ph.D., author of "HOWTO Secure and Audit Oracle 10g and 11g" (CRC Press, March 2009), this white paper describes 8 essential best practices that provide a holistic approach to safeguarding databases and achieving compliance, including:

  • Discovering sensitive data in your environment.
  • Hack-proofing DBMS environments with vulnerability and configuration assessment.
  • The role of database activity monitoring (DAM) and change auditing.

Read this whitepaper to find out more.

E-Guide: The Ins and Outs of Database Encryption
sponsored by Guardium

Encrypting an enterprise database can be a daunting task for IT professionals with challenges in areas such as performance, compliance, and integration. There are few tasks in the practice of information security as daunting as encrypting an enterprise database. Aside from managing potential compatibility, reliability and performance requirements, security pros face a myriad of encryption options, key management pitfalls, and application integration requirements. Database encryption should never be taken lightly, but a little knowledge and planning will go a long way toward ensuring a successful project.

Download HERE

Guardium Architecture

Ron Ben Natan, Guardium CTO, speaks




Guardium, the database security company, develops the most widely-used solution for database activity monitoring, security and auditing, with a blue-chip customer base that spans organizations in all major geographies and industries. The company was recognized by Forrester as "A Leader across the board" in The Forrester Wave: Enterprise Database Auditing and Real-Time Protection, Q4 2007 (October 2007) with the #1 score for Architecture and the highest overall scores for Current Offering, Product Strategy, and Corporate Strategy.


Founded in 2002, Guardium was the first company to address the core data security gap by delivering a scalable, appliance-based platform that both protects databases in real-time and automates the entire compliance auditing process. The company has partnerships with Oracle, Microsoft, IBM, Sybase, BMC, EMC, RSA, Accenture and NetApp, with Cisco as a strategic investor, and is a member of IBM's prestigious Data Governance Council and the PCI Security Standards Council.


www.guardium.com