Database Security Articles
In the never-ending battle for enterprise data security, industry experts say there has been progress on several fronts, but there is still much work that needs to be done. There is an enormous amount of data that tends to leak out of the secure confines of data centers, creating a range of security issues. "There are many copies of data which have less security and scrutiny than production environments," Joseph Santangelo, principal consultant with Axis Technology, tells DBTA. "The increased reliance on outsourcers and internal contractors leave sensitive data within corporate walls open to misuse or mistakes." Or, as another industry expert describes it, the supply chain often proves to be the greatest vulnerability for data security. "A typical organization has a direct relationship with only 10% of the organizations in its supply chain — the other 90% are suppliers to suppliers," Steve Durbin, global vice president of the Information Security Forum, tells DBTA.
Posted December 06, 2012
Protecting databases using encryption is a basic data security best practice and a regulatory compliance requirement in many industries. Databases represent the hub of an information supply chain. However, only securing the hub by encrypting the database leaves security gaps because sensitive data also exists alongside the database in temporary files, Extract-Transform-Load (ETL) data, debug files, log files, and other secondary sources. According to the "Verizon 2011 Payment Card Industry Compliance Report," unencrypted data that resides outside databases is commonly stolen by hackers because it is easier to access
Posted December 06, 2012
The latest IOUG study on database security finds that there are measures that need to be taken to safeguard data from internal abuse; however, preventing privileged users from negligence or malfeasance is a serious challenge. According to this year's study, human error has beat out internal hackers or unauthorized users as the biggest security risk. In addition, more than half of respondents say their organizations still do not have, or are unaware of, data security plans to help address contingencies as they arise. These enterprise data security challenges, and more, are highlighted in a new survey of 350 data managers and professionals by the Independent Oracle Users Group. Underwritten by Oracle Corporation and conducted by Unisphere Research, a division of Information Today, Inc., it covered progress within three key areas of database security - prevention, detection, and administration.
Posted December 05, 2012
Attunity Ltd., a provider of information availability software solutions, has officially launched Attunity CloudBeam, a fully-managed data transfer SaaS platform for Amazon Web Services (AWS) Simple Storage Service (S3). With its beta completed, the high-performance data transfer solution was unveiled and demonstrated live at the AWS re: Invent Customer and Partner Conference from in Las Vegas, NV. "This is aimed at folks today that are using AWS or will be using AWS for all kinds of use cases where data is core to their strategy," Matt Benati, vice president of Global Marketing at Attunity, tells DBTA. "All these use cases demand the movement of data and it really has to be a frictionless movement of data at scale. That is what Attunity does best."
Posted December 04, 2012
Voltage Security, a provider of encryption and key management solutions, has announced a partnership with data integration software provider Informatica to deliver seamless integration of Voltage's data-centric security platform Voltage SecureData with Informatica's data masking software. The integration is aimed at providing protection across the entire application development lifecycle, from creation to production to application retirement. The solution is expected to lower the cost of protecting data in production and non-production environments through a combination of encryption, tokenization and masking capabilities. "We are known as the inventors of format-preserving encryption and that is part and parcel of why Informatica is working with us. Format-preserving encryption solves some unique challenges in masking that you can't do any other way," Jeremy Stieglitz, vice president of business development at Voltage Security, tells 5 Minute Briefing.
Posted November 28, 2012
SAP is planning to deliver six new SAP mobile apps for Windows 8. SAP also announced forthcoming support for Windows 8 development on the SAP Mobile Platform as well as security enhancements to the SAP Afaria mobile device management solution. Through these apps, platform support and security enhancements, SAP said it intends to extend business processes to Windows 8 to accelerate a business' ability to run better with devices of various form factors. The announcements were made at SAPPHIRE NOW + SAP TechEd in Madrid.
Posted November 28, 2012
Grid-Tools Ltd., a provider of test data management, test data generation and data masking software and solutions, has announced enhanced data masking solutions for mainframe users. The company's Enterprise Data Masking suite now provide full native support for data masking and subsetting for z/OS on DB2, VSAM, IMS and Non-Indexed Files.
Posted November 26, 2012
Application and server management solutions provider Idera has released version 5.0 of Idera Server Backup, designed to be an affordable, enterprise-class software solution for physical and virtual server environments. According to Idera, the solution is offered at a price point that is 80% lower on average than competing solutions, and provides a fast and proven solution for backup and recovery for mixed server environments, including physical, virtual, Windows, and Linux.
Posted November 13, 2012
When virtualization was first born, IT departments went gangbusters using this revolutionary change to get better performance out of their servers. In all the excitement of implementation, something not so very small was overlooked — backup and recovery. The lack of proper planning forced jobs and recovery to fail, and backup admins started feeling backed into a corner. Thankfully, times have changed, and IT departments, now very aware of these issues, have gotten savvy at avoiding the potential pains of virtualization infrastructure. But a new challenge has emerged.
Posted November 13, 2012
Asigra Inc., a cloud backup, recovery and restore software provider, has unveiled Asigra Cloud Backup v12, a solution for backing up all enterprise data in a single consolidated repository. Cloud Backup v12 provides cloud application support (SaaS and PaaS), mobile endpoint support, advanced virtual disaster recovery for VMware environments and anytime/anywhere data recovery across the enterprise.
Posted November 12, 2012
In a new survey of 207 IT and data executives, respondents report that their organizations are behind the curve when it comes to managing the risks that could come from exposing live data to less secure settings—including development departments and outside contractors. This is an Achilles' heel that is being overlooked in data security efforts. The survey, which drew responses from the membership of the Independent Oracle Users Group (IOUG), was conducted by Unisphere Research, a division of Information Today, Inc., and sponsored by IBM. The executive summary of the report titled "Testing the Bounds of Data Governance: 2012 IOUG Test Development & QA Survey" is publicly available - and IOUG members may access the full report from the IOUG website.
Posted November 07, 2012
Application Security, Inc. (AppSecInc) has updated its database scanning tool, AppDetectivePro, with expanded capabilities and a new user interface. The new tool allows organizations to quickly and easily understand their security posture and capabilities to proactively remediate vulnerabilities and protect sensitive information.
Posted November 01, 2012
At OpenWorld, Oracle's annual conference for customers and partners, John Matelski, president of the IOUG, and CIO for Dekalb County, Georgia, gave his perspective on the key takeaways from this year's event. Matelski also described the user group's efforts to help the community understand the value of Oracle's engineered systems and deal with the broad implications of big data, and how the IOUG is supporting Oracle DBAs in their evolving roles.
Posted October 24, 2012
Varonis Systems Inc., a data governance software provider, has released DatAdvantage 5.8, offering customers greater flexibility and management in data governance for unstructured and semi-structured data. Varonis DatAdvantage 5.8 introduces internally developed collectors that can run alongside or instead of Varonis probes running Microsoft SQL. These collectors can collect the information without an SQL server, making implementation easier, improving performance, and reducing overhead. "It is a great investment in our architecture, and it gives you more flexibility about where you can use SQL or not use SQL," David Gibson, vice president of strategy at Varonis, tells 5 Minute Briefing.
Posted October 16, 2012
At Oracle OpenWorld, F5 Networks showcased its integrated solution for Oracle Database Firewall that provides enhanced security for web-based database applications. F5's solution integrates F5 BIG-IP Local Traffic Manager (LTM) and BIG-IP Application Security Manager (ASM) with Oracle Database Firewall to protect against SQL injection attacks and provide richer forensic information about these threats.
Posted October 10, 2012
Real-time IT management company ManageEngine, a division of ZoHo Corp., debuted key product portfolio enhancements at Oracle OpenWorld 2012. In addition to its flagship network monitoring software (NMS), OpManager, the company has upgraded its network configuration and change management (NCCM) solution, DeviceExpert, and enterprise password management software, Password Manager Pro. "Historically, IT has been more of a batch-oriented organization, where you submit a problem and wait for some resolution but as businesses make technology more ingrained in their overall revenue generation and profit generation functions, you just can't have that. It has got to move with the pace of business, and so a lot of the product announcement and development focus for us has been to deliver more real-time capabilities," Raj Sabhlok, president of ManageEngine, tells 5 Minute Briefing.
Posted October 09, 2012
Database security company Application Security, Inc. (AppSecInc) has announced the general availability of a major new release of its flagship platform, DbProtect. Version 6.4 incorporates insights gained from 10 years of working with customers, Josh Shaul, CTO of AppSecInc, tells 5 DBTA. DbProtect is intended to let organizations evaluate the security of their database environment and have access to preventative controls so they can eliminate security risks without the need to patch or reconfigure databases. With this release, the product, which has been rebuilt from scratch, offers a much easier to use interface as well as the ability to provide various groups of stakeholders with individual views based on a single scan, thereby limiting the burden on the database as well as limiting user access based on roles, notes Shaul.
Posted September 26, 2012
An educational and interactive webcast will review the findings of the 2012 IOUG Test, Development and QA Survey and discuss the best practices and issues that it highlights. This IOUG study was conducted by Unisphere Research, a division of Information Today, Inc., and sponsored by IBM. Presented by Kimberly Madia, WW product marketing manager at IBM, and Thomas Wilson, president and CEO, Unisphere Research, the webcast will be held Thursday, September 27, from 12 - 1 PM CDT. Attendees to the webcast will receive a copy of the study report.
Posted September 26, 2012
In recent years, the networks of developers, integrators, consultants, and manufacturers committed to supporting database systems have morphed from one-on-one partnerships into huge ecosystems in which they have become interdependent on one another, and are subject to cross-winds of trends and shifts that are shaping their networks. Nowhere is this more apparent than the huge ecosystem that has developed around Oracle. With Oracle's never-ending string of acquisitions, new functionality, and widespread adoption by enterprises, trends that shape this ecosystem are certain to have far-reaching effects on the rest of the IT world. Concerns that percolate through the ecosystem reflect — and influence — broad business concerns. New paradigms — from cloud computing to big data to competing on analytics — are taking root within the Oracle ecosystem long before anywhere else.
Posted September 19, 2012
Attunity CloudBeam, Attunity's recently introduced SaaS platform for Amazon Web Services (AWS), has expanded its services to provide a new data replication-as-a-service solution for AWS' Simple Storage Service (S3). Currently available for testing, the service provides replication and synchronization of big data stored in S3 across AWS cloud regions to enable business-critical initiatives, including disaster recovery, backup and data distribution. "Amazon Web Services has a replication capability but it is far less efficient and performant than ours and this is one of the reasons that AWS is so happy to have this capability," Matt Benati, vice president of global marketing, Attunity, tells 5 Minute Briefing.
Posted September 10, 2012
Data protection and management vendor Quantum Corp. has announced that Teradata, an analytic data solutions company, will offer Quantum's Scalar tape libraries and Scalar Key Manager encryption software standard in its enterprise data protection solution. Quantum's Scalar tape libraries feature iLayer management software and are designed for a broad range of data protection and archive environments.
Posted August 28, 2012
Oracle has announced Oracle Exalogic Elastic Cloud Software 2.0. According to Oracle, customers in 43 countries across 22 industries have already adopted Oracle Exalogic, and it is the fastest growing Oracle engineered system with 3x Y/Y sales bookings based on the last two quarters of FY 2012. The second generation of Exalogic is raising the bar even further, with a single integrated system that addresses the key business goals of application owners - to seize market opportunities, lower business risk and reduce cost and complexity, noted Hasan Rizvi, senior vice president for product development at Oracle, who spoke during a webcast presentation to launch the new release.
Posted August 23, 2012
It is impossible to have missed the sweeping changes being thrust upon the data world due to regulatory compliance. But even if you've noticed, chances are that the sheer volume of regulations was too mind-boggling to fully digest. Compliance starts with the CEO, but it works its way down into the trenches, and impacts database administration. With that in mind, this month's column will offer a brief introduction to the regulatory landscape and its impact on database administration.
Posted August 21, 2012
IBM announced it has entered into a definitive agreement to acquire Texas Memory Systems (TMS), a developer of high-performance flash memory solutions. TMS is a privately held company based in Houston, Texas. Financial terms of the deal were not disclosed.
Posted August 20, 2012
Data warehousing is undergoing the most radical transformation seen since it was first conceived in the 1970s, and brought to market in the late 1980s and 1990s. One reason for this transformation is that data warehouses are on the front lines of the big data explosion. Findings from a new survey of IOUG members indicate that while most companies have well-established data warehouse systems, adoption is still limited within their organizations. This survey, underwritten by Oracle Corporation and conducted by Unisphere Research, a division of Information Today, Inc., included input from 421 data managers and professionals.
Posted August 08, 2012
Certes Networks, a developer of network and cloud encryption solutions, has announced that its Virtual Certes Enforcement Point (vCEP) for cloud security has achieved VMware Ready status. This designation indicates that the vCEP has undergone detailed test procedures and is supported on VMware vSphere 5 for production environments.
Posted August 07, 2012
DataDirect Networks (DDN), a provider of scalable storage, announced a centralized management solution for its storage, file system, and in-storage processing technology. With a unified interface designed to handle all aspects of big data storage infrastructure administration, DDN's DirectMon minimizes administrator overhead and provides a framework for both real-time and predictive systems management and tuning of SAN, NAS and parallel file storage environments.
Posted August 06, 2012
Oracle announced the latest release of the Oracle Identity Management platform, Oracle Identity Management 11g Release 2. The new release brings together Oracle's portfolio of Identity Management offerings, consolidating them into three main categories designed to help customers improve performance and operational scale. "Oracle Identity Management 11g Release 2 addresses key new business requirements such as integrating with social identity to power customers' marketing plans or safely expanding their offerings through mobile with our new access solutions," Marc Boroditsky, vice president, Oracle Identity Management, tells 5 Minute Briefing.
Posted August 01, 2012
Idera, a provider of application and server management solutions announced the availability of SQL secure 2.7, the latest version of a solution that helps DBAs improve security and ensure compliance with corporate and industry audit requirements.
Posted July 31, 2012
The volume of data now being stored by businesses is at a point where the term "big data" almost feels inadequate to describe it. The size of big data sets is a constantly moving target, ranging from a few dozen terabytes to many petabytes of data in a single data set. And it is estimated that, over the next 2 years, the total amount of big data stored by business will be four times today's volumes. As business continues its inexorable shift to the cloud, weblogs continue to fuel the big data fire. But there are plenty of other sources as well - RFID, sensor networks, social networks, social, Internet text and documents, Internet search indexing, call detail records, scientific research, military surveillance, medical records, photography archives, video archives, and large-scale e-commerce transaction records.
Posted July 31, 2012
Data security provider Imperva has announced upgrades to its Database Audit and Protection (DAP) solution, SecureSphere Database Activity Monitoring 9.5. The company has also released a new version of its free database vulnerability scanner, Scuba 2.0. These solutions provide new features and capabilities that meet the security needs of large and distributed enterprise data centers by protecting data warehouses.
Posted July 24, 2012
In the always-on global economy, access to enterprise data is critical, and interruptions and delays in the flow of information necessary for decision-making can have serious consequences. A new study fielded by Unisphere Research among IOUG members and sponsored by Oracle explores the issues related to planned and unplanned downtime, alongside high availability and disaster recovery solutions. The survey which garnered input from 358 data managers and professionals, finds that at least half of the respondents are working to provide their organizations with real-time or near-real-time data, but the challenge to meeting this goal is increasing as data volumes escalate and the variety and velocity of data heightens as well.
Posted July 19, 2012
Gazzang and 10gen, the company behind the NoSQL database MongoDB, have formed a partnership that will help customers meet data security compliance regulations and guard against unauthorized access or attack. Gazzang also announced that its zNcrypt solution for encrypting and securing data achieved formal 10gen certification.
Posted July 16, 2012
SEPATON, Inc., which provides disk-based data protection solutions specifically designed for large enterprises, has released DeltaStorDBeXstream software, which is intended to enable the backup and restore of large databases at industry-leading rates while also delivering high capacity reduction through byte-differential deduplication. The software is part of the 6.1 release of its enterprise-optimized data protection software, which powers its S2100 systems.
Posted June 20, 2012
Oracle has announced the Sun ZFS Backup Appliance, an integrated, high performance backup solution for Oracle engineered systems, including the Oracle Exadata Database Machine, Oracle Exalogic Elastic Cloud and Oracle SPARC SuperCluster T4-4. According to Oracle, the Sun ZFS Backup Appliance delivers up to 20TB per hour full backup and up to 9.4TB per hour full restore throughputs, the fastest published recovery rates among general purpose storage systems for Oracle engineered systems data protection. Oracle's Sun ZFS Backup Appliance is available in two configurations, High Performance and High Capacity, and comes pre-racked and cabled, helping to eliminate hardware tuning.
Posted June 13, 2012
Hortonworks, a commercial vendor promoting the innovation, development and support of Apache Hadoop, has announced the general availability of Hortonworks Data Platform (HDP) 1.0 which is intended to make Hadoop easy to consume and use in enterprise environments. "With the general availability of Hortonworks Data Platform 1.0, Hortonworks is delivering on its promise to make Apache Hadoop an enterprise viable data platform," says Rob Bearden, CEO of Hortonworks.
Posted June 13, 2012
Ravi Pendekanti heads Systems Product Marketing for Oracle on a global basis. He has been in the Systems industry for more than two decades, working in the areas of servers, storage, software and networking. In this article, Exabriefing talks with Pendekanti about the Oracle engineered systems approach - what's been learned and why it works.
Posted June 13, 2012
Dataguise, a provider of data security intelligence and protection solutions, has announced a data privacy protection and risk assessment solution for Hadoop. The new solution, DgHadoop, provides compliance assessment and enforcement for centralized data privacy protection to simplify data compliance management, improve operational efficiencies and reduce regulatory compliance costs.Now in beta, DgHadoop will be available starting in July 2012 directly through Dataguise and through strategic Dataguise partners, including Cloudera, Hortonworks, MapR and Compuware.
Posted June 12, 2012
Global IDs, Inc., a provider of data governance and master data management (MDM) software, has introduced the Global IDs Data Governance Appliance, an integrated hardware and software solution targeted at small and medium-sized businesses (SMBs). The primary users for the appliance are expected to be enterprise data architects, data quality managers and data warehouse managers.
Posted June 05, 2012