8 Simple Steps to Protect Your Database

 
 
By Brian Prince  |  Posted 2008-03-19
 
 
 

8 Simple Steps to Protect Your Database

By Brian Prince and Chris Preimesberger

Slide 1

8 Simple Steps to Protect Your Database

8 Simple Steps to Protect Your Database - #1. Directly Monitor Your Financial Database

Slide 2

Rather than monitor your network, where rogue users can gain untraceable access to your data, monitor your financial databases. Make sure your tools can identify, provide alerts and help you respond to unusual activities on a near real-time basis.


8 Simple Steps to Protect Your Database - #1. Directly Monitor Your Financial Database

8 Simple Steps to Protect Your Database - #2. Assess and Remediate Weaknesses

Slide 3

Many databases are vulnerable to unauthorized access due to insufficient patch levels or the use of default or weak passwords. These conditions can leave the door open to unauthorized users who bypass application-level controls and directly alter data.


8 Simple Steps to Protect Your Database - #2. Assess and Remediate Weaknesses

8 Simple Steps to Protect Your Database - #3. Audit User Access

Slide 4

Database access rights must be regularly reviewed and, if need be, revised to ensure user rights are consistent and properly limited. This is especially important given the rise of self-service applications and direct customer access. The failure to modify-

8 Simple Steps to Protect Your Database - #3. Audit User Access

8 Simple Steps to Protect Your Database - #4. Know How Users Use the Database

Slide 5

One of the best defenses against outside attacks and internal fraud is the detection of anomalous activity. Implement database-monitoring tools that distinguish normal and abnormal activities for each user, and that can immediately respond to abnormal activities.


8 Simple Steps to Protect Your Database - #4. Know How Users Use the Database

8 Simple Steps to Protect Your Database - #5. Verify Transaction Authenticity

Slide 6

A forensic trail generated through auditing tools can help verify the authenticity of database transactions.


8 Simple Steps to Protect Your Database - #5. Verify Transaction Authenticity

8 Simple Steps to Protect Your Database - #6. Require Independent Review

Slide 7

Even trusted users can manipulate standard business practices to perpetrate fraud with special, end-of-period adjustments. Check all individual- and application-sourced changes to financial data to identify odd adjustments. And, verify adjustments with independent monitoring and auditing software, rather than the accounting software that your financial personnel use.


8 Simple Steps to Protect Your Database - #6. Require Independent Review

8 Simple Steps to Protect Your Database - #7. Automate Controls To Reduce Annual Audit Costs

Slide 8

Manual annual audits are expensive, cause seasonal spikes in resource requirements, overburden your staff, introduce errors and slow down other operations. Conversely, an automated, continuous monitoring of key database controls helps you identify issues throughout the year, enables quick resolution of issues and reduces expensive, time-consuming mitigation procedures.


8 Simple Steps to Protect Your Database - #7. Automate Controls To Reduce Annual Audit Costs

8 Simple Steps to Protect Your Database - #8. Employ Encryption To Protect Data

Slide 9

Regulatory compliance requires that some data in the database be encrypted, but all companies should consider encryption as it mitigates risk.


8 Simple Steps to Protect Your Database - #8. Employ Encryption To Protect Data

8 Simple Steps to Protect Your Database - See More Slideshows Like This One

8 Simple Steps to Protect Your Database - See More Slideshows Like This One

Rocket Fuel