http://www.techworld.com/security/news/index.cfm?newsID=108428 By John E. Dunn Techworld 15 December 2008 One of the best ways to improve database security is to carefully monitor the very people entrusted to manage them, database administrators (DBAs), a report has concluded. Perhaps not surprisingly, the Aberdeen Group study of 120 mostly large companies around the globe found a correlation between adopting a range of database security practices and frequency of data breaches. Companies ranked as using ‘best practice' suffered 8 percent fewer incidents of data loss compared to those not adopting such measures, and ended up with 10 percent fewer of a range of audit deficiencies. However, one of the defining characteristics of companies rated as having good security was a strict management of the managers. This means that database staff are monitored in some form, there is a separation of duties between different managers, and certain kinds of database access are blocked or restricted. "In this study, respondents estimated that databases are the repository for nearly two-thirds of their sensitive data, so it's no surprise that the results show organisations that monitor privileged user activity suffer fewer data losses," said Aberdeen group's Derek E. Brink. [...] _______________________________________________ Help InfoSecNews.org with a donation! http://www.infosecnews.org/donate.htmlReceived on Mon Dec 15 2008 - 23:32:53 PST
This archive was generated by hypermail 2.2.0 : Mon Dec 15 2008 - 23:46:05 PST