Protecting Your Data From Breach Attempts and Unauthorized Access

– Dana Tamir, senior product marketing manager at Imperva (www.imperva.com), says:

Data is constantly at risk from hackers that launch advanced, automated, and large scale attacks as well as from malicious and privileged insiders that may abuse their access for economic or personal gain. Data Security has also become subject to intense regulatory scrutiny – so much so that any viable Data Security solution must be able to address the requirements imposed by auditors and regulators. Organizations need to protect data which lives on file servers and databases, and is accessed by users via a variety of methods. Addressing only one part of the data lifecycle is not enough. This is why Imperva SecureSphere provides data security solutions to protect applications and the underlying databases and file servers where the data lives.

SecureSphere addresses critical datacenter concerns and regulatory compliance requirements. With all the threats to data security in today’s IT landscape, and the growing sophistication of data related attacks, these solutions have become a top priority in datacenters. The concerns are even bigger where information technology turns to cloud computing, virtualization and outsourcing. Access controls, monitoring and enforcement of corporate policies are key to ensure data is stored and accessed in an appropriate manner.

SecureSphere enables organizations to implement processes and controls that meet regulations such as PCI and SOX, and protect data from breach attempts and unauthorized access.

The biggest challenge IT managers face today is implementation of effective controls and addressing regulatory requirements (such as auditing access to regulated data, limiting access rights and scanning for vulnerabilities) across heterogeneous, distributed platforms. Sensitive data is constantly at risk from hackers that launch advanced, automated, and large scale attacks as well as from malicious and privileged insiders that may abuse their access for economic or personal gain. The attacks are becoming more sophisticated and more complex, and as a result IT managers need solutions that provide in-depth, contextual analysis of events.

SecureSphere protects sensitive data from hackers and malicious insiders, provides a fast and cost-effective route to regulatory compliance and establishes a repeatable process for data risk management. SecureSphere Data Security Solutions provide:

• Data Breach Prevention: Real-time protection against hackers and malicious insiders targeting sensitive data
• Regulatory and Industry Compliance: Fast and cost-effective route to compliance with full visibility into data usage, vulnerabilities and access rights
• Data Risk Management: Continuous and repeatable process for identifying and mitigating data risk

Powering the SecureSphere Data Security Suite is a common platform that provides flexible deployment options, unified management, deep analytics and customizable reporting. The SecureSphere platform enables enterprise scalability and accelerates time to value.

In order to select effective data security solutions IT and data center managers need to consider the following:

• Regulatory Compliance: If the main driver for deploying data security solutions is compliance, make sure the solution can fully address the regulation. For database activity monitoring solutions (DAM) and file activity monitoring solutions (FAM) this typically means that the solution can provides details about each event to answer Who?, What?, When? Where? and How? The solution must monitor privileged users as they have unrestricted access to the data platform. This means the all privileged activities must be captured, regardless of the source tool or access path (direct, indirect). The solution should enforce corporate configurations and access policies. Separation of duties is key for ensuring the validity of an audit trail. To ensure the audit trail’s integrity, nobody should have the ability to access or modify the data in the audit repository. Predefined policies and reports are also important as they shorten the time to value. Make sure you can easily customize these to meet unique requirements.
• Attack Protection: To lower the impact of a data breach and prevent attacks, consider the solution’s ability to provide real-time alerts and block attacks. SecureSphere provides comprehensive protection against sophisticated attacks such as SQL injections through integrated web application firewall (WAF), database activity monitoring (DAM) and file activity monitoring (FAM). It can also block database attacks that are preformed at the protocol level (buffer overflow, denial of service, etc.). To prevent fraudulent activity and identify compromised credentials the solution needs to identify abnormal behaviors. SecureSphere’s patented profiling capability automatically alerts, and optionally blocks, activity that deviates from observed behaviors. SecureSphere reputation-based security provides automated defense against automated attacks.
• Attack Prevention: To lower the risk of a data breach IT must assess the vulnerability of applications and databases. SecureSphere risk explorer will enable organizations to identify areas of risk to data and prioritize remediation efforts. SecureSphere also provides the ability to remediate discovered vulnerabilities by applying virtual patches. Users with excessive rights are often at the heart of data breach events. By identifying and eliminating excessive rights and ensuring user access is limited to business need to know, organizations can significantly lower the risk of a data breach.

Imperva delivers not just traditional enterprise products, but also very large scale solutions for service providers and cloud infrastructure services, as well as product and service options that scale to meet the needs of mid-market and small businesses. SecureSphere is able to offer a wide range of deployment models, critical for meeting the unique requirements of different IT environments.