Is your data secure? (page 1 of 3)

Ninety-three percent of all new information is 'born digital' and therefore potentially at risk of attack by hackers. Nearly every day, we read yet another report stating attacks on commercial enterprises and government organisations continue unabated. Security lapses are never far from the media headlines and regular industry reports and statistics confirm the worst - that the number of Internet security breaches recorded worldwide is on the increase.

More alarmingly, various reports estimate that between two-thirds to three-quarters of all security breaches come from inside the company. And ironically, the majority of breaches will exploit security flaws for which a solution or fix is already available.

Every CIO or IT director will agree that security is a top priority. But how many can actually guarantee that their organisation is fully protected from a security breach? How many companies can hand-on-heart confirm their data is secure? There are several areas of weakness that leave a company's systems exposed, and the costs can be catastrophic.

The network's secure so we're fine, right?

The majority of enterprise security strategies have focused on the network, and IT directors have taken some comfort in protecting their organisation's systems behind firewalls or with intrusion detection systems and virus scanners. The truth is that only a tiny fraction of data is flowing through the network at any one time.

The database is at the centre of an organisation's information system and the lion's share of a company's data - arguably an organisation's most valuable asset - resides in databases. Lose your data and you could be out of business. Consequently, companies should ensure that this critical piece of infrastructure has the highest, appropriate level of security certification available to ensure security and integrity.

The need for database security has dramatically increased with the rise of the Internet. Because it is the applications that access the mission-critical database information that have proved the most vulnerable point of access. As organisations embrace e-business and adopt Internet-based applications, information stored in inadequately protected databases is potentially exposed to attack via bugs or poorly coded web-based applications that exist outside the firewall.

A secure, unbreakable database will withstand these potential intrusions. The single, central database model simplifies access control by applying security policies directly to data, no matter which application or tool is used, and enables the speedy identification of misuse of data. Security only needs to be built once into the database, rather than into each application, resulting in a lower cost of ownership.

The more vendors, the more vulnerable
It would be rare indeed to find a company that operated only one vendor's software. Most companies run a mix of database, applications and networking infrastructure. And the more varieties of software a company installs, the more security holes there are for potential hackers to exploit. The increasing complexity of applications and computing systems provides a cornucopia of opportunities for would-be hackers.

Additionally, the trend towards information sharing among vendors, suppliers, customers and partners has created a very complicated pattern of business flows. To facilitate collaboration with these communities, it has become necessary to allow access to the corporate database.