In last few years, there have been some major changes in the security threats that any person can faces online, and regulatory compliance landscape any person does business in. Both of these things are focusing on data than just networks. We see breach disclosures growing every now and then, and with them grow regulations meant at protecting them.
These security risks are not so easy to manage; an anti-virus or a firewall would not be enough to stop them. The applications and databases are run in quite complex environments; these have many business dependencies and requirements too. Therefore, it is quite necessary to make sure protection for information, but at the same time these security measures should not interfere with the business itself.
Database Activity Monitoring or DAM is one such technology which perfectly balances the security and the business. It captures and records all SQL (Structured Query Language) activities done in the real or near real time. Besides, SQL DAM captures activity of database administrator, across multiple database platforms and if it notices some policy violations, it also generates alerts. It works well for the overall web application securityand keeps hackers at a bay.There are following five features that make DAM different from other available tools for monitoring database activities.
- The process of database activity monitoring has a unique ability to audit and monitor all the database activities including the activities of administrator and ‘select’ transactions.
- It stores information on all the activity happening outside the database, securely.
- It also has an ability to combine and link activities from multiple Database Management Systems.
- It enforces separation of duties on DBAs
- It generates alerts on policy violations
The selection process of tool
Prior to looking for any particular tools, you should have a clear understanding of why you might need DAM; also how are you planning to use it. Other important things you need to clear are the business processes around management, the policy creation and incident handling.
You may consider creating a selection committee, which should ideally have people from both technical and nontechnical units. Database and security team is typically the main drivers of the project, and non technical professionals are needed for the compliance needs. As the second step, the platforms and system that are to be protected should be clearly defined. In the third step, the compliance and protection requirements should be determined. The fourth step should involve outlining the reporting needs and process workflow.
Evaluating the products
Sometimes,it is tricky to find out a product that would exactly meet the particular requirements. But by taking a few steps, you can definitely able to choose it. For this, you can contact several database activity monitoring product vendors, collect materials from these vendors and compare them to your RFP and RFI. Now select the best from these, and call these for the presentations and demonstrations; you can also ask thevendors to go through your specific uses; you should handover your RFPs to the shortlisted vendors. After this, review the responses and drop the vendors who do not cater to minimum stated requirements; being in the products and begin testing the same; test thoroughly the product and when you are completely satisfied, negotiate with the vendor and buy it. If you find the evaluation product difficult and time consuming, you can also contact information security companies in India.