Awaiting Big Names
As good as Guardiums platform sounds, Forresters Yuhanna pointed out that large, Fortune 500 companies are waiting for good database security solutionsparticularly encryptionfrom vendors larger than one of the small companies in this space, such as Guardium, Application Security Inc. and Protegrity Inc. Click here to read about ways to secure your database. Large enterprises have been waiting for the bigger companies, such as Computer Associates Inc., BMC Software Inc. or Quest Software Inc., to step forward with encryption, as well as more integrated, robust security tools around assessment, Yuhanna said."Since the dot-com era, everybodys concerned about startups, when they can be profitable and whatnot," he said. "Your due diligence is to look at the company, its team, its financial plans, its burn rate, its future and so forth. "In this case, Guardiums a small startup company, but what I think they have is a unique technology out there that is solving a problem that is going to proliferate, and a lot of DBAs and security people will have to look at and audit another information medium from a network perspective. And SQL or database security." As far as the products new features go, they sound good to the network services director, who already has the software in-house and is planning to upgrade soon. For one, he said auto-baselining will help give him a visual look at how databases are being used and by what sources and applications. Based on that, he predicted hell have a working template to start enforcing security policies. For insights on security coverage around the Web, check out eWEEK.com Security Center Editor Larry Seltzers Weblog. He also said he likes the thought of the auditing enhancements. "[That module] addresses many things, including auditors, as to what if this plus this plus this happens, retrieval of one cell plus another plus another could equal that [being] a violation of Sarbanes-Oxleyflag it," he said. The SQL Guard platform has three components: the new SQL Guard Security Suite software; hardened system software; and a rack-mountable appliance with reporting applications. It supports databases from IBM, Oracle Corp., Microsoft Corp. and Sybase Inc. SQL Guard Security Suite will be available next week with a list price of $2,995 per module. The SQL Guard platform starts at $12,995. Check out eWEEK.coms Database Center at http://database.eweek.com for the latest database news, reviews and analysis.
The network services director countered any potential fear of implementing tools from a smaller firm such as Waltham, Mass.-based Guardium by relying on due diligence when checking into the company, he said.