Thieves making off with laptops, hackers planting a Trojan in a store kiosk to send data to the Ukraine-these are the data breaches that gather the headlines. The result is an overemphasis on endpoint security, according to Tony Cannizzo, CEO of Silos-Connect Technologies, a distributor of database technology in Atlanta.
Securing the perimeter may be job one, but at least equally important is securing data at its source-in the enterprise database. To that end, Cannizzo asserts that protecting data in databases requires a flexible approach to data obfuscation, not simply the use of static encryption.
Since April, Silos-Connect has been distributing data obfuscation technology from ActiveBase, an Israeli company founded in 2002 by several Oracle veterans. With about 50 implementations in Europe, ActiveBase offers three complementary products: ActiveBase Security, ActiveBase Performance and ActiveBase Priority.
The key ActiveBase technology is software that inspects database requests prior to execution. Policies can identify requests for sensitive data and mask data from specified individuals.
"We're like the toll booth," Cannizzo said. "Even with database encryption and existing data obfuscation tools, there is still a version of the database-the source-that you can't encrypt.
"Our sweet spot is controlling privileged user access to that," he said, adding, "ActiveBase Security recognizes production DBAs and hides sensitive data from unauthorized privileged users."
ActiveBase customers use ActiveBase to hide confidential customer information in its databases from the eyes of offshore outsourcing partners.
ActiveBase now works only with Oracle databases, but Cannizzo said plans are in place to support DB2 and SQL Server databases in early 2010. ActiveBase is licensed according to the number of CPU cores and servers monitored.