With increasingly sophisticated attacks and rising internal data theft, database security merits a stronger focus that goes beyond traditional authentication, authorization, and access control (AAA). A single intrusion that compromises private data such as credit card numbers, social security numbers, or other financial data can cause immense damage to an enterprise’s reputation, not to mention initiating lawsuits and regulatory fines that can have long-term impact. Database security is the last line of defense, so it deserves greater focus on the protection of private data from both internal and external attacks than IT pros have traditionally given it. Database security professionals and information security and risk management professionals crafting a security strategy should:
Align database security policies with information security policies;
Ensure well-defined and formalized database security procedures
Enforce role separation
Apply advanced security measures such as database auditing, monitoring, database encryption, data masking, and vulnerability assessment to all critical databases that store private data.
Credit Union Times is the nation's leading independent source for breaking news and analysis for credit union leaders. For more than 20 years, Credit Union Times has set the standard for editorial excellence and ethical, straight-forward reporting.