Securing your data at server level
The recent pattern of database attacks reported at social media giant Twitter and compromises at national newspapers, including the Wall Street Journal and the New York Times, demonstrate that bad guys can breach the perimeter – and that their target is server data.
There are lessons we can learn from these headline events. While most organisations have invested heavily over the years in strong perimeter defences including firewalls, network IDS/IPS, and gateway antivirus and content security, the increasing number of compromises shows that traditional perimeter defences are becoming less effective in defending against current attacks.
With more and more companies leveraging private and public clouds for potential cost-savings or rapid application deployment, organisations should understand where their sensitive data is located and that it is fully protected wherever it may reside. While perimeter defences continue to be needed, enterprises can measurably improve their security posture by putting protection as close to the data as possible.
Channel partners have the opportunity to engage with potential enterprise buyers and detail risks along with operational cost savings and regulatory compliance benefits from such a data-centric approach.
An organisation’s ‘crown-jewels’ will typically be located at the server level. This is where databases and unstructured data containing sensitive information such as intellectual property, Personally Identifiable Information (PII), electronic personal healthcare information, or payment details are invariably stored.
Protecting ‘data at rest’ here typically requires a combination of technologies to combat a variety of external and internal threats. Organisations need to get their business done – access to this information and its flow between business departments and external partners will be mission critical – but they must also ensure that, should they be compromised, whatever data is intruded upon is completely ineligible to unauthorised parties. Building layers of protection to include database activity monitoring and granular encryption solutions capable of being applied to all data, both structured (as in databases) and unstructured (as in files) make for a sound option to avoid becoming a cybercrime statistic.
The downside of not using data-centric protection is that it heightens the possibility of a breach. For example, encrypting an entire Storage Area Network (SAN) might provide check-box encryption, but does little to stop hacks one someone is inside the network. Encrypting at the file level mitigates against these sorts of breaches and provides the separation of duties required by many compliance regimes.
Placing controls on the data itself reduces risk and ensures a comprehensive last line of security in to avoid an unfortunate data breach. Furthermore it enables businesses that operate across international jurisdictions to meet compliance mandates of the individual countries they are working in. As a result, channel partners have a fantastic opportunity, not only to educate enterprises on the tools available to protect the resources that matter the most, but equally inform their customers of the different data protection laws they may be subject to depending on where their data is located.
In recent times, businesses have struggled on two fronts – a continued lack of budget available to increase essential security measures, and a lack of understanding of how to sufficiently combat the threats targeting their resources. Cybercrime is a highly-sophisticated and destructive industry bent on stealing valuable information and damaging brands’ reputations and jeopardising consumer or stakeholder trust. In addition, the ICO is becoming more vigilant in ensuring that enterprises do their part to protect sensitive information. This is where channel partners have an opportunity to step in and set the agenda.
All organisations need to start considering themselves at risk and take decisive action to secure and control access to data to avoid falling victim. The channel has an excellent opportunity to educate, support and bring expertise to enterprises needing to solve the data protection conundrum, helping organisations to understand the importance of gathering security intelligence around what is happening to their sensitive data in order to counter threats in a much more cost-effective and comprehensive way.
Paul Ayers leads Vormetric’s channel programme in EMEA.