PCI Certificate

Importance of Database Activity Monitoring

December 24, 2014, PCI Compliance

Database Activity Monitoring is a key process in the data protection suite of activities. Because databases are the key place for data storage, database activity monitoring and additional services such as database firewalls and virtual patching of vulnerabilities are key to the process of data protection.

The importance of this protection became visible after the recent acquisitions of Guardium by IBM and Sentrigo by McAfee. There are a number of other service providers in the Database Activity Monitoring business.

Before deciding on a product for your database activity monitoring, you need to look into some of the following factors:

  • Consider this as part of the data protection program. Develop short-, mid- and long-term objectives for database security as well as data security. Map your objectives to the system features offered by the vendor. Also assess the vendor's roadmap for future product enhancements.
  • Understand the offering and decide whether to choose an agent-based or agentless solution. Agent-based is better if users establish local connections directly at the server.
  • This should be part of your overall security monitoring program and should not work in isolation. If it is not part of the overall security monitoring program, it is highly likely that what gets implemented is a product and not a solution.

According to Gartner, four emerging approaches towards Database Activity Monitoring (DAM) are:

  1. Data/Information Governance
  2. Enterprise data security
  3. Enterprise Security monitoring
  4. Database Security Management

I would see database monitoring in the context of all four of the above and would recommend assessing the solution at least within these four approaches. Unless an organization has built an information governance structure that includes the first three approaches listed above, database activity monitoring and database security will remain a stand-alone process. Just like any stand-alone process, its chances of failing are high when compared with an integrated approach to database security.

When discussing the importance of database activity monitoring, the regulatory requirements are to be considered as well. Key regulations and standards that require database monitoring to be implemented include PCI DSS, HIPAA and SOX. In addition, anticorruption laws and data breach notification requirements also require database security and monitoring. These regulations are some of the compelling drivers for implementing database activity monitoring.
