Database Security Articles
Kroll Ontrack, a provider of data recovery, e-discovery and information management, has introduced the latest version of Ontrack Eraser, a software tool that enables overwrite erasure of data on hard drives to ensure security and so that drives can be re-purposed. The new 4.0 release provides VMware eraser capabilities, expanded drive wiping capacity, and new reporting and security management functionality. "The one thing that the industry is struggling with today is being able to confirm that VMDKs (virtual machine disks), are wiped securely. It is a very manual mundane process today that we have made easier because we have essentially created a software product to help automate that process as well as easier for the customer to select specifically which virtual disks they want to wipe," Abhik Mitra, data recovery product manager at Kroll Ontrack, tells 5 Minute Briefing.
Posted January 10, 2013
IBM has entered into a definitive agreement to acquire StoredIQ Inc., a privately held company based in Austin, Texas. IBM says StoredIQ will advance its efforts to help clients derive value from big data and respond more efficiently to litigation and regulations, dispose of information that has outlived its purpose and lower data storage costs. The acquisition is about "information economics," Ken Bisconti, VP of ECM Marketing, IBM, tells 5 Minute Briefing. "It is really about managing the value of content and information, and helping also to dispose of it defensibly as it becomes of less value."
Posted December 20, 2012
For many years, enterprise data center managers have struggled to implement disaster recovery strategies that meet their RTO/RPOs and business continuity objectives while staying within their budget. While the challenges of moving, managing, and storing massive data volumes for effective disaster protection have not changed - exponential data growth and the advent of big data technologies, have made the challenge of disaster recovery protection more difficult than ever before.
Posted December 19, 2012
The latest IOUG study on database security finds that there are measures that need to be taken to safeguard data from internal abuse; however, preventing privileged users from negligence or malfeasance is a serious challenge. According to this year's study, human error has beat out internal hackers or unauthorized users as the biggest security risk. In addition, more than half of respondents say their organizations still do not have, or are unaware of, data security plans to help address contingencies as they arise. These enterprise data security challenges, and more, are highlighted in a new survey of 350 data managers and professionals by the Independent Oracle Users Group. Underwritten by Oracle Corporation and conducted by Unisphere Research, a division of Information Today, Inc., it covered progress within three key areas of database security - prevention, detection, and administration.
Posted December 19, 2012
Attunity Ltd., a provider of information availability software solutions, has officially launched Attunity CloudBeam, a fully-managed data transfer SaaS platform for Amazon Web Services (AWS) Simple Storage Service (S3). With its beta completed, the high-performance data transfer solution was unveiled and demonstrated live at the AWS re: Invent Customer and Partner Conference from in Las Vegas, NV. "This is aimed at folks today that are using AWS or will be using AWS for all kinds of use cases where data is core to their strategy," Matt Benati, vice president of Global Marketing at Attunity, tells DBTA. "All these use cases demand the movement of data and it really has to be a frictionless movement of data at scale. That is what Attunity does best."
Posted December 19, 2012
Oracle has merged the core capabilities of the Oracle Audit Vault and Oracle Database Firewall products, creating the new Oracle Audit Vault and Database Firewall product which expands protection beyond Oracle and third-party databases with support for auditing the operating system, directories and custom sources. "It is really one single, streamlined solution to do both security and compliance for Oracle and non-Oracle databases, and extending beyond databases, to operating systems, file systems, and directories - essentially the structure surrounding your database," notes Vipin Samar, vice president, Database Security, Oracle. "Data governance is increasingly important in many organizations and, as we know from the IOUG survey that we did earlier this year, we have very few organizations that are monitoring sensitive data access," adds Roxana Bradescu, director of product marketing, Data Security, Oracle.
Posted December 19, 2012
In the never-ending battle for enterprise data security, industry experts say there has been progress on several fronts, but there is still much work that needs to be done. There is an enormous amount of data that tends to leak out of the secure confines of data centers, creating a range of security issues. "There are many copies of data which have less security and scrutiny than production environments," Joseph Santangelo, principal consultant with Axis Technology, tells DBTA. "The increased reliance on outsourcers and internal contractors leave sensitive data within corporate walls open to misuse or mistakes." Or, as another industry expert describes it, the supply chain often proves to be the greatest vulnerability for data security. "A typical organization has a direct relationship with only 10% of the organizations in its supply chain — the other 90% are suppliers to suppliers," Steve Durbin, global vice president of the Information Security Forum, tells DBTA.
Posted December 19, 2012
Protecting databases using encryption is a basic data security best practice and a regulatory compliance requirement in many industries. Databases represent the hub of an information supply chain. However, only securing the hub by encrypting the database leaves security gaps because sensitive data also exists alongside the database in temporary files, Extract-Transform-Load (ETL) data, debug files, log files, and other secondary sources. According to the "Verizon 2011 Payment Card Industry Compliance Report," unencrypted data that resides outside databases is commonly stolen by hackers because it is easier to access
Posted December 19, 2012
At OpenWorld, Oracle's annual conference for customers and partners, John Matelski, president of the IOUG, and CIO for Dekalb County, Georgia, gave his perspective on the key takeaways from this year's event. Matelski also described the user group's efforts to help the community understand the value of Oracle's engineered systems and deal with the broad implications of big data, and how the IOUG is supporting Oracle DBAs in their evolving roles.
Posted December 12, 2012
DataMotion has introduced a new version of its SecureMail Gateway, an intelligent monitoring solution that uses policy-based encryption and Exact Matching functionality to prevent data leakage and protect sensitive information in email messages and file attachments. The automated solution takes email security and compliance out of the hands of employees to minimize human error, ensure strict policy enforcement company-wide, and make it easier for organizations to protect information in transit and adhere to privacy regulations.
Posted December 11, 2012
Maintec Technologies has opened a new data center in North Carolina, providing mainframe co-location, mainframe raised floor space, and mainframe managed services. According to Maintec, its new mainframe co-location data center, situated 200 miles inland on the second floor of a brick building, is well-suited for companies in the Raleigh, Durham, Chapel Hill, Morrisville and Cary region. And, for New York and Washington, D.C. companies seeking an inland data center, the Maintec mainframe co-location data center is accessible via the nearby Raleigh/Durham International Airport.
Posted December 10, 2012
HP announced a range of new enhancements to its Converged Storage portfolio, intended to address storage management issues within virtualized, cloud and big data archive environments. The refresh of the company's storage portfolio includes new HP 3PAR StoreServ Storage, HP StoreAll Storage, and HP StoreOnce Backup product offerings. With the understanding that the storage sprawl at many organizations is unsustainable, the goal of the updated HP storage portfolio is to simplify the overall experience within customer environments, Craig Nunes, vice president of worldwide marketing, HP Storage, tells 5 Minute Briefing.
Posted December 10, 2012
Voltage Security, a provider of encryption and key management solutions, has announced a partnership with data integration software provider Informatica to deliver seamless integration of Voltage's data-centric security platform Voltage SecureData with Informatica's data masking software. The integration is aimed at providing protection across the entire application development lifecycle, from creation to production to application retirement. The solution is expected to lower the cost of protecting data in production and non-production environments through a combination of encryption, tokenization and masking capabilities. "We are known as the inventors of format-preserving encryption and that is part and parcel of why Informatica is working with us. Format-preserving encryption solves some unique challenges in masking that you can't do any other way," Jeremy Stieglitz, vice president of business development at Voltage Security, tells 5 Minute Briefing.
Posted November 28, 2012
SAP is planning to deliver six new SAP mobile apps for Windows 8. SAP also announced forthcoming support for Windows 8 development on the SAP Mobile Platform as well as security enhancements to the SAP Afaria mobile device management solution. Through these apps, platform support and security enhancements, SAP said it intends to extend business processes to Windows 8 to accelerate a business' ability to run better with devices of various form factors. The announcements were made at SAPPHIRE NOW + SAP TechEd in Madrid.
Posted November 28, 2012
Grid-Tools Ltd., a provider of test data management, test data generation and data masking software and solutions, has announced enhanced data masking solutions for mainframe users. The company's Enterprise Data Masking suite now provide full native support for data masking and subsetting for z/OS on DB2, VSAM, IMS and Non-Indexed Files.
Posted November 26, 2012
Application and server management solutions provider Idera has released version 5.0 of Idera Server Backup, designed to be an affordable, enterprise-class software solution for physical and virtual server environments. According to Idera, the solution is offered at a price point that is 80% lower on average than competing solutions, and provides a fast and proven solution for backup and recovery for mixed server environments, including physical, virtual, Windows, and Linux.
Posted November 13, 2012
When virtualization was first born, IT departments went gangbusters using this revolutionary change to get better performance out of their servers. In all the excitement of implementation, something not so very small was overlooked — backup and recovery. The lack of proper planning forced jobs and recovery to fail, and backup admins started feeling backed into a corner. Thankfully, times have changed, and IT departments, now very aware of these issues, have gotten savvy at avoiding the potential pains of virtualization infrastructure. But a new challenge has emerged.
Posted November 13, 2012
Asigra Inc., a cloud backup, recovery and restore software provider, has unveiled Asigra Cloud Backup v12, a solution for backing up all enterprise data in a single consolidated repository. Cloud Backup v12 provides cloud application support (SaaS and PaaS), mobile endpoint support, advanced virtual disaster recovery for VMware environments and anytime/anywhere data recovery across the enterprise.
Posted November 12, 2012
In a new survey of 207 IT and data executives, respondents report that their organizations are behind the curve when it comes to managing the risks that could come from exposing live data to less secure settings—including development departments and outside contractors. This is an Achilles' heel that is being overlooked in data security efforts. The survey, which drew responses from the membership of the Independent Oracle Users Group (IOUG), was conducted by Unisphere Research, a division of Information Today, Inc., and sponsored by IBM. The executive summary of the report titled "Testing the Bounds of Data Governance: 2012 IOUG Test Development & QA Survey" is publicly available - and IOUG members may access the full report from the IOUG website.
Posted November 07, 2012
Application Security, Inc. (AppSecInc) has updated its database scanning tool, AppDetectivePro, with expanded capabilities and a new user interface. The new tool allows organizations to quickly and easily understand their security posture and capabilities to proactively remediate vulnerabilities and protect sensitive information.
Posted November 01, 2012
Varonis Systems Inc., a data governance software provider, has released DatAdvantage 5.8, offering customers greater flexibility and management in data governance for unstructured and semi-structured data. Varonis DatAdvantage 5.8 introduces internally developed collectors that can run alongside or instead of Varonis probes running Microsoft SQL. These collectors can collect the information without an SQL server, making implementation easier, improving performance, and reducing overhead. "It is a great investment in our architecture, and it gives you more flexibility about where you can use SQL or not use SQL," David Gibson, vice president of strategy at Varonis, tells 5 Minute Briefing.
Posted October 16, 2012
At Oracle OpenWorld, F5 Networks showcased its integrated solution for Oracle Database Firewall that provides enhanced security for web-based database applications. F5's solution integrates F5 BIG-IP Local Traffic Manager (LTM) and BIG-IP Application Security Manager (ASM) with Oracle Database Firewall to protect against SQL injection attacks and provide richer forensic information about these threats.
Posted October 10, 2012
Real-time IT management company ManageEngine, a division of ZoHo Corp., debuted key product portfolio enhancements at Oracle OpenWorld 2012. In addition to its flagship network monitoring software (NMS), OpManager, the company has upgraded its network configuration and change management (NCCM) solution, DeviceExpert, and enterprise password management software, Password Manager Pro. "Historically, IT has been more of a batch-oriented organization, where you submit a problem and wait for some resolution but as businesses make technology more ingrained in their overall revenue generation and profit generation functions, you just can't have that. It has got to move with the pace of business, and so a lot of the product announcement and development focus for us has been to deliver more real-time capabilities," Raj Sabhlok, president of ManageEngine, tells 5 Minute Briefing.
Posted October 09, 2012
Database security company Application Security, Inc. (AppSecInc) has announced the general availability of a major new release of its flagship platform, DbProtect. Version 6.4 incorporates insights gained from 10 years of working with customers, Josh Shaul, CTO of AppSecInc, tells 5 DBTA. DbProtect is intended to let organizations evaluate the security of their database environment and have access to preventative controls so they can eliminate security risks without the need to patch or reconfigure databases. With this release, the product, which has been rebuilt from scratch, offers a much easier to use interface as well as the ability to provide various groups of stakeholders with individual views based on a single scan, thereby limiting the burden on the database as well as limiting user access based on roles, notes Shaul.
Posted September 26, 2012
An educational and interactive webcast will review the findings of the 2012 IOUG Test, Development and QA Survey and discuss the best practices and issues that it highlights. This IOUG study was conducted by Unisphere Research, a division of Information Today, Inc., and sponsored by IBM. Presented by Kimberly Madia, WW product marketing manager at IBM, and Thomas Wilson, president and CEO, Unisphere Research, the webcast will be held Thursday, September 27, from 12 - 1 PM CDT. Attendees to the webcast will receive a copy of the study report.
Posted September 26, 2012
In recent years, the networks of developers, integrators, consultants, and manufacturers committed to supporting database systems have morphed from one-on-one partnerships into huge ecosystems in which they have become interdependent on one another, and are subject to cross-winds of trends and shifts that are shaping their networks. Nowhere is this more apparent than the huge ecosystem that has developed around Oracle. With Oracle's never-ending string of acquisitions, new functionality, and widespread adoption by enterprises, trends that shape this ecosystem are certain to have far-reaching effects on the rest of the IT world. Concerns that percolate through the ecosystem reflect — and influence — broad business concerns. New paradigms — from cloud computing to big data to competing on analytics — are taking root within the Oracle ecosystem long before anywhere else.
Posted September 19, 2012
Attunity CloudBeam, Attunity's recently introduced SaaS platform for Amazon Web Services (AWS), has expanded its services to provide a new data replication-as-a-service solution for AWS' Simple Storage Service (S3). Currently available for testing, the service provides replication and synchronization of big data stored in S3 across AWS cloud regions to enable business-critical initiatives, including disaster recovery, backup and data distribution. "Amazon Web Services has a replication capability but it is far less efficient and performant than ours and this is one of the reasons that AWS is so happy to have this capability," Matt Benati, vice president of global marketing, Attunity, tells 5 Minute Briefing.
Posted September 10, 2012
Data protection and management vendor Quantum Corp. has announced that Teradata, an analytic data solutions company, will offer Quantum's Scalar tape libraries and Scalar Key Manager encryption software standard in its enterprise data protection solution. Quantum's Scalar tape libraries feature iLayer management software and are designed for a broad range of data protection and archive environments.
Posted August 28, 2012
Oracle has announced Oracle Exalogic Elastic Cloud Software 2.0. According to Oracle, customers in 43 countries across 22 industries have already adopted Oracle Exalogic, and it is the fastest growing Oracle engineered system with 3x Y/Y sales bookings based on the last two quarters of FY 2012. The second generation of Exalogic is raising the bar even further, with a single integrated system that addresses the key business goals of application owners - to seize market opportunities, lower business risk and reduce cost and complexity, noted Hasan Rizvi, senior vice president for product development at Oracle, who spoke during a webcast presentation to launch the new release.
Posted August 23, 2012
It is impossible to have missed the sweeping changes being thrust upon the data world due to regulatory compliance. But even if you've noticed, chances are that the sheer volume of regulations was too mind-boggling to fully digest. Compliance starts with the CEO, but it works its way down into the trenches, and impacts database administration. With that in mind, this month's column will offer a brief introduction to the regulatory landscape and its impact on database administration.
Posted August 21, 2012
IBM announced it has entered into a definitive agreement to acquire Texas Memory Systems (TMS), a developer of high-performance flash memory solutions. TMS is a privately held company based in Houston, Texas. Financial terms of the deal were not disclosed.
Posted August 20, 2012
Data warehousing is undergoing the most radical transformation seen since it was first conceived in the 1970s, and brought to market in the late 1980s and 1990s. One reason for this transformation is that data warehouses are on the front lines of the big data explosion. Findings from a new survey of IOUG members indicate that while most companies have well-established data warehouse systems, adoption is still limited within their organizations. This survey, underwritten by Oracle Corporation and conducted by Unisphere Research, a division of Information Today, Inc., included input from 421 data managers and professionals.
Posted August 08, 2012
Certes Networks, a developer of network and cloud encryption solutions, has announced that its Virtual Certes Enforcement Point (vCEP) for cloud security has achieved VMware Ready status. This designation indicates that the vCEP has undergone detailed test procedures and is supported on VMware vSphere 5 for production environments.
Posted August 07, 2012
DataDirect Networks (DDN), a provider of scalable storage, announced a centralized management solution for its storage, file system, and in-storage processing technology. With a unified interface designed to handle all aspects of big data storage infrastructure administration, DDN's DirectMon minimizes administrator overhead and provides a framework for both real-time and predictive systems management and tuning of SAN, NAS and parallel file storage environments.
Posted August 06, 2012