1. Market Research
  2. > IT Services
  3. > Hosting Market Trends
  4. > Database Security in a Dynamic IT World

Database Security in a Dynamic IT World

  • March 2015
  • -
  • Frost & Sullivan
  • -
  • 9 pages

Introduction

Databases are under attack. Public statements by Target, Home Depot, and Anthem following their highly publicized data breaches are both uniform and succinct on how their breaches unfolded: unauthorized access to IT systems that ultimately led to extraction of sensitive information. Excerpts from Home Depot’s and Anthem’s statements serve to illustrate:
• Home Depot – Criminals used a third-party vendor’s user name and password to enter the perimeter of Home Depot’s network. These stolen credentials alone did not provide direct access to the company’s point-of-sale devices. The hackers then acquired elevated rights that allowed them to navigate portions of Home Depot’s network and to deploy unique, custom-built malware on its self-checkout systems in the U.S. and Canada. In addition to the previously disclosed payment card data, separate files containing approximately 53 million email addresses were also taken during the breach.
• Anthem – These attackers gained unauthorized access to Anthem’s Information Technology (IT) system and have obtained personal information from our current and former members such as their names, birthdays, medical IDs/Social Security numbers, street addresses, email addresses and employment information, including income data.

Data breach costs are mounting. Although the impact of data breaches on brand and business is difficult to segregate from other influences, what is clear is that there are tangible expenses that the breached companies incur; for example, in their good faith efforts to protect affected individuals from further damage with free credit monitoring and identity protection services. Also, class-action lawsuits represent another expense. Target, for example, received preliminary approval on a $ million settlement related to its 2013 breach; a token amount relative to $ million, primarily in legal fees, the company reportedly spent in 2014.3 There are also forensics investigations to conduct, usually through a third party, and changes in technologies and processes to ward off a breach reoccurrence.

These three companies are not alone; they represent the growing trend of data breaches resulting from hacking.4 According to Verizon, in its 2014 Data Breach Investigations Report, hacking contributed to data breaches more frequently than any other threat action; and hacking’s frequency has been increasing over the last three years.5 Malware and social engineering (e.g., phishing), which are commonly used with hacking, are second and third in frequency, respectively. From this same report, servers (inclusive of database servers) are the primary data breach target.

While attacks on traditional on-premises databases are reason enough to be concerned, big data and cloud deployments elevate the concern. Many big data initiatives are organizational experiments with new types of data stores (e.g., Hadoop and NoSQL) and new data sources, looking to unlock valuable insights that can fuel new revenue-generating and cost-cutting processes. But such experimentation, unless carefully managed from the start and into production, can increase the risk of data breaches. Second, cloud adoption contributes to a more agile and dynamic IT environment, but it places data in environments that are not fully in the organization’s control, both figuratively and literally.

Recognizing that big data and cloud will be part of the IT future for most organizations, and can also be sizable data repositories, Stratecast believes that organizations must prepare for all contingencies in developing a database security strategy. What matters most in this preparation is that the organization can adroitly manage the risks associated with sensitive data, across a variety of IT environments, while also maximizing the data’s business value. In this SPIE, we examine database security fundamentals that help to ensure high levels of flexibility in data use, and effectiveness in data protection.

Table Of Contents

Database Security in a Dynamic IT World
Introduction
Database Security's Four Primary Requirements
Stratecast - The Last Word
About Stratecast
About Frost and Sullivan

View This Report »

Get Industry Insights. Simply.

  • Latest reports & slideshows with insights from top research analysts
  • 24 Million searchable statistics with tables, figures & datasets
  • More than 10,000 trusted sources
24/7 Customer Support

Talk to Veronica

+1 718 514 2762

Purchase Reports From Reputable Market Research Publishers
Canadian IT Security Hardware, Software, Services, and Cloud Forecast, 2016-2020

Canadian IT Security Hardware, Software, Services, and Cloud Forecast, 2016-2020

  • $ 7500
  • Industry report
  • September 2016
  • by IDC

This IDC study forecasts all security markets in Canada, including hardware, software, SaaS, and security services, down to the subfunctional level as defined in IDC's Worldwide Security Products Taxonomy, ...

Penetration Testing Market by Testing Service, Deployment Mode, Organization Size, Vertical, and Region - Global Forecast to 2021

Penetration Testing Market by Testing Service, Deployment Mode, Organization Size, Vertical, and Region - Global Forecast to 2021

  • $ 5650
  • Industry report
  • August 2016
  • by MarketsandMarkets

“Increased sophistication level in attacking techniques is driving the growth of the penetration testing market” MarketsandMarkets estimates the global penetration testing market to grow from USD 594.7 ...

User and Entity Behavior Analytics Market by Type, Deployment Type, Vertical - Global Forecast to 2021

User and Entity Behavior Analytics Market by Type, Deployment Type, Vertical - Global Forecast to 2021

  • $ 5650
  • Industry report
  • August 2016
  • by MarketsandMarkets

“Increasing need to prevent insider threats posed by users is one of the factors driving the global user and entity behavior analytics market.” The global user and entity behavior analytics (UEBA) ...


ref:plp2015

Reportlinker.com © Copyright 2016. All rights reserved.

ReportLinker simplifies how Analysts and Decision Makers get industry data for their business.