Scribd
Upload
48 views

Combating Internal Data Insecurity

This document discusses strategies for combating internal data insecurity. It notes that more data than ever is being created and stored, growing exponentially each year. However, data breaches are also increasing, with 92% of stolen records coming from database servers and 48% of breaches caused by insiders. The challenges of threats, compliance requirements, and new opportunities are making data security more complex and costly. A defense-in-depth approach following principles of least privilege and multiple security layers is recommended to protect data throughout its lifecycle from various threats both internal and external.

Uploaded by

John Mungai
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
48 views

Combating Internal Data Insecurity

This document discusses strategies for combating internal data insecurity. It notes that more data than ever is being created and stored, growing exponentially each year. However, data breaches are also increasing, with 92% of stolen records coming from database servers and 48% of breaches caused by insiders. The challenges of threats, compliance requirements, and new opportunities are making data security more complex and costly. A defense-in-depth approach following principles of least privilege and multiple security layers is recommended to protect data throughout its lifecycle from various threats both internal and external.

Uploaded by

John Mungai
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 14

<Insert Picture Here>

Combating internal data insecurity


Michael Muite
Technology Consulting Team Leader, Kenya
Oracle Confidential
2
More data than ever
Source: IDC, 2008
1,800 Exabytes
Growth
Doubles
Yearly
2006 2011
Time Magazine, July 6, 2011
Time Magazine, July 6, 2011
Target of Data Breaches
2010 Data Breach
Investigations Report
Type Category % Breaches % Records
Database Server Servers & Applications 25%
92%
Desktop Computer End-User Devices 21% 1%
2010 Data Breach - Investigations Report
Insider Threats are Real

Endpoint
Security
Vulner-
ability
Manage-
ment
Network
Security
Email
Security
Other
Security
Database
Security
Identity
Management

How do I control insiders?
Can I report on
anomalous behavior?
Can I prevent intrusions?
Can I ensure proper controls
around privileged access?
48% Caused
by Insiders
92% Stolen Records
From Database Servers
86% Hacking Involve
Stolen Credentials
Higher Costs Than Ever
User Management Costs
User Productivity Costs
Compliance &
Remediation Costs
Security Breach
Remediation Costs
It Adds Up
$
Threats
Attacks
Improper Access
Infrastructure Scaling
Compliance
Tougher Regulations
Intrusive Audits
Costly Burdensome Reporting
Opportunities
Social Identity
Mobile Access
Cloud Computing
Massive Web
How do you tackle these Simultaneously
Encryption and Masking
Privileged User Controls
Multi-Factor Authorization
Activity Monitoring and Audit
Secure Configuration
Monitor and Block
Middleware
Applications
User and Role Management
Access Management
Virtual Directories
Rights Management
Identity Governance
Comprehensive Compliance Mgmt.
Centralized Policy Administration
Access Management
Track and Audit Content and Usage
Database Security
Infrastructure Security
Hardware Accelerated Encryption
Secure Key Management and Storage
Strong Workload Isolation
Secure Service Delivery Platforms
Infrastructure
Applications
Middleware Databases
Information
Oracle Security Inside Out
Oracle Confidential
11
Encryption and Masking
Privileged User Controls
Multi-Factor Authorization
Activity Monitoring and
Audit
Secure Configuration
Identity Management
Databases
Applications
Content
Oracle Security Inside Out
Infrastructure
User Provisioning
Role Management
Entitlements Management
Risk-Based Access Control
Virtual Directories
Information
Database Security
Key Princples
Least Privilege
By default, users/consumers should be denied access so that being able to
access data or functionality must be a conscious decision
Users should be granted access to functions and data based on their roles
and/or attributes, i.e., based on needs rather than enabled by default.
A review of a user's access rights should be performed when the user's
attributes change, such as when the user changes roles. Similarly, access
rights must be revoked when a user leaves to organization.
System access to data stores, other systems, and networks should be
granted only to the extent required for proper operation.
Statement
Users and other consumers of resources must operate using the
least set of privileges necessary to complete the job.
Rationale
Security risks increase with the amount of access a user or resource
consumer is granted. Risks can stem from misuse of privilege, un-
intentional destructive actions, compromised accounts, etc.
I
m
p
l
i
c
a
t
i
o
n
s

Key Principles
Defense in Depth
Multiple security perimeters must exist between public networks and
protected resources
Access between perimeters must be restricted such that only traffic from
known systems, ports, and protocols can pass
Communication between perimeters must be restricted so that a connection
cannot span multiple firewalls
Security must be designed such that access to protected resources requires
an attacker to breach more than one security control
Each computing and database platform must be able to inject security
controls into the processing chain
Statement
Failure of a single component of the security architecture must
not compromise the entire IT environment.
Rationale
There are many different types of threats to protect against, therefore
one should strive to minimize risk by adopting a multi-layered, multi-
pronged defense.
I
m
p
l
i
c
a
t
i
o
n
s

Existing Security Solutions Not
Enough
Application
Database
Administrators
Data Must Be Protected in depth
Applicatio
n Users
Malware Key Loggers Espionage
Phishing
SQL Injection
Social Engineering
Web Users
Data
Database Security Defense-in-Depth
Prevent access by non-database users for
data at rest, in motion, and storage
Increase database user identity assurance
Strict access control to application data
even from privileged users
Enforce multi-factor authorization
Audit database activity, and create reports
Monitor database traffic and prevent threats
from reaching the database
Ensure database production environment is
secure and prevent drift
Mask sensitive data in non-production
environments

You might also like