Database Activity Monitoring (DAM) – That’s secure?

The importance of Database Activity Monitoring (DAM) solutions can not be underestimated for today’s connected enterprise. After all, there are countless applications that ultimately interact with a database at one point or another, and most any of those interactions can be the basis for an attack, breach or other nefarious activity.
Nonetheless, monitoring without intelligence, specifically machine intelligence, does little to prevent breaches or other attacks. Simply put, DAM needs to be reactive, or better yet, proactive in its operations. What’s more, DAM also needs to be further empowered by eliminating the need for agents or other software shims to be installed on database servers.
That said, the holy grail of database protection may come in the form of DAM married to an agentless platform that employs Artificial Intelligence (AI). That solution can proactively deal with threats to databases, at least that is what DB Networks and CyberArk have come to believe, as evidenced by a recent partnership by the two IT security companies.

That partnership has resulted in DB Networks combining its DBN-6300 database monitoring and security technology with CyberArk Privileged Account Security Solution, which resulted in a next generation DAM Solution. Ideally, the partnership will improve an organizations’ overall security posture by creating a solution that integrates agentless DAM with AI to deliver vastly improved control over privileged access to data.
GigaOM had the opportunity to discuss the potential of AI powered agentless DAM with DB Networks’ Chairman and CEO Brett Helm, and Adam Bosnian, executive vice president, global business development at CyberArk.

Helm pointed out how critical DAM technology has become, especially to businesses adhering to compliance regulations. Helm said “DAMs are often used as a compensating control for compliance. For example, DAMs support Sarbanes-Oxley (SOX) to ensure the accuracy of financial reports, Payment Card Industry’s Data Security Standard (PCI DSS) for monitoring access to credit card related information, and the Health Insurance Portability and Accountability Act (HIPAA) requirements for monitoring access to sensitive healthcare records.”.
However, the current implementation of DAM solutions is anything but bulletproof. Helm added “Third-party DAM agents’ integration with Database Management System have long been an issue. When the DAM agent fails, the entire database can be brought off-line for an extended period of time.”

Perhaps the best example of that failure comes in the form of a recent security exception, which involved 156 databases at a very large credit card processor last summer. What’s more, other failures have been documented, where the DAM agents failed in such a way that no audit records were captured for months, and were only discovered during an audit. Situations such as those can result in compliance violations, extensive fines, and lost business, all without the data to properly discover what exactly happened.
In light of those events, privileged account management and compliance specific controls have become even more important. Bosnain said “Privileged account management, especially for databases, is critical for security and is also a well-established compliance requirement. The only way to properly address those needs is with a single point of control for privileged sessions, paired with an indexed, tamper-proof record of privileged sessions. Those capabilities enable organizations to easily isolate, monitor, record and control privileged sessions on critical systems and databases. Security teams are able to immediately terminate suspicious privileged sessions and view full video playback of specific user sessions.”

Helm added “The reason many databases operate unmonitored and unprotected is often because organizations lack easy-to-implement tools and trained staff. Our new agentless DAM with its machine learning together with comprehensive privileged account security has significantly simplified and enhanced database monitoring and security.”

(READ MORE)

Source: Gigaom

Tags

Related posts

Top