Database Assurance in a Data Warehouse
Safeguarding Enterprise Information is Essential.
Using recently-developed database assurance technologies, organizations can achieve more cost-effective, flexible and applicable solutions than previously available. Now, these new technologies can give database users the lead on database attackers and hackers by first of all detecting, and then blocking security intrusions, no matter whether they have been tried before or not, without having a negative impact on the business operation.
An intrusion detection policy must operate in parallel with business intentions, by allowing only authorized transactions. The intrusion detection policy cannot be a static process because the business and the applications that support it are changing. As well, targeted attacks do not necessarily use fixed patterns, as do some viruses.
Contribution to Strategic Business Initiatives
A security defense system has to be customized and personalized to provide maximum protection for an organization's database. The dynamic approach to the proactive security attributes built-in to database assurance applications can be a key enabler for strategic business initiatives. This is especially true for extended-enterprise or e-business customer services, or as a key enabler for strategic IT initiatives, such as federated identity management.
All changes present opportunities for improvements in business efficiency and ergonomics. Saving money, improving customer experience and reducing operational risks are three primary business improvements which need to be considered. One of the key benefits would be to achieve an increase in business revenue by enhancing product performance.
Improved security processes can have a significant impact on the brand value of a product or service, in fact, it is estimated that the brand value asset may be several orders of magnitude greater than the cost savings from reduced incidents. While better security could enhance market penetration of a product or service, the positive effect of preventing security incidents may be much greater than damage caused by such incidents.
Evaluating Options for Security Initiatives
Every business case supporting a security initiative should be submitted with options, which could include a range of more or less expensive alternatives. One of the options would be to take no action, which could possibly invite breaches of security. The serious implications of a ‘no-action’ option should be considered and might include:
- A requirement for costly upgrades to existing legacy systems to minimize inherent security problems
- Lack of a capability to meet on-going business requirements
- Database 'level of access' issues
- Response times to detect and correct security incidents
The risks and potential costs of a decision not to proceed with recommended security and safety changes need to be compared with the additional or reduced benefits and associated costs or savings of the other recommended options.
0ne of the techniques used to protect data and systems from intrusion, is ‘de-perimeterization’ a methodology which protects an organization’s systems and data by a so-called ‘defense-in-depth’ approach based on encryption, authentication, secure protocols and secure systems, as opposed to relying on secure network perimeters.
Research has indicated that security incidents are likely to follow a similar pattern to safety incidents, and ”on average, corresponding to every major safety incident, there are 29 minor incidents and 300 near misses. It is generally assumed that behind the 300 near misses there may be many thousands of individual bad practices.
Protecting Corporate Data
|
What do you think about this article?
- Business Financial Planning
- Business Management
- Business Project Management
- Customer Management
- Customer Relations
- Global Labour Issues
- Human Resources Management
- Management Consulting
- Merchandise Management
- Office/Facilities Management
- Product Quality Control
- Retail Trends
- Store Design & Displays
- Strategic Business Planning
- Supply Chain Management
- Unionization
More in Business & Finance
Latest Articles