Database Security Articles
The challenges of maintaining security and regulatory compliance as applications increasingly move to the cloud - whether public, private or hybrid - will come into greater focus in 2012, says Ryan Berg, cloud security strategy lead for IBM. The need to manage security among an increasingly mobile workforce, with many employees choosing to use their own personal devices, will also be a key concern in 2012, says Berg.
Posted February 23, 2012
EnterpriseDB, designer of enterprise PostgreSQL and Oracle compatibility products and services, has released the latest version of its Advanced Server platform, Postgres Plus 9.1. The latest update offers improvements in read performance and write scalability, as well as greater flexibility and reliability due to its transaction-level control over synchronous replication, an industry first. Postgres Plus Advanced Server 9.1 is also more secure than previous versions due to the addition of Virtual Private Database, and has expanded its Oracle-compatible features.
Posted February 21, 2012
Ntirety, Inc. announced that it has been successfully audited and certified under the MSPAlliance's (MSPA) Unified Certification Standard for Cloud and Managed Service Providers (UCS). The certification is specifically designed to provide business consumers of cloud and managed services with the assurance that the service provider they hire will meet or exceed the highest principles of quality in areas such as financial stability, facilities, managed services practices, and customer satisfaction.
Posted February 07, 2012
Application Security, Inc. (AppSecInc), a provider of database security solutions for the enterprise, and Unisphere Research, today unveiled the findings from the "Data Security At An Inflection Point: 2011 Survey Of Best Practices And Challenges." A detailed overview of the findings and the implications for enterprise organizations will be presented by Joe McKendrick, lead analyst for Unisphere Research, and Thom VanHorn, vice president, Global Marketing, AppSecInc, in a webinar on Tuesday, Feb. 7, at 11 am ET.
Posted January 30, 2012
CIOs and IT departments are on the frontlines of a monumental IT shift. With the number of mobile devices and applications exploding and bandwidth soaring, they are being asked to find ways to enable the brave new world of enterprise mobility. All involved - from users to IT - recognize the productivity and business efficiency benefits of this trend, but it is typically only IT that also recognizes the dangers unchecked mobility poses to sensitive corporate data.
Posted January 25, 2012
Was one of your New Year resolutions to get the security patches applied in a timely and efficient manner? Oracle's quarterly Critical Patch Update was released yesterday, and IOUG recommends that you apply security patches on a regular basis in order to maintain the security posture of your Oracle environment. Having procedures already in place will make a rollout of these patches easier allowing for pre-checks of the environment and databases, applying the patches, testing and validations and any post-scripts that should run.
Posted January 18, 2012
CyberSource, a Visa company and a gold-level member of the OraclePartnerNetwork (OPN), announced it has achieved Oracle Validated Integration of CyberSource Payment Management Services with Oracle's ATG Commerce Suite 10. Oracle ATG customers can now more rapidly adopt CyberSource's portfolio of payment management services, helping them to get to market faster and grow with less cost and complexity.
Posted January 04, 2012
Stacks of statistics from many sources share a common theme - growth rates for digital information are extremely high and undeniable. A tsunami of e-information is fueling the engine of today's corporate enterprise, and many businesses are aiming to ride the information wave to prosperity. However, many companies are not sufficiently attentive to all the potential liabilities lurking in the depths of this digital information, including the risks involved in using real, live personal customer and employee data for application development and testing purposes. There's real potential for serious data security, legal and noncompliance risks when businesses fail to protect this data.
Posted December 21, 2011
The first calendar year following SAP's acquisition of Sybase is coming to a close. David Jonker, director, product marketing - Data Management & Analytics, Sybase, discusses key product integrations, IT trends that loom large in Sybase's data management strategies, and the emergence of what Sybase describes as DW 2.0. 2011 has been "a foundational year," with effort focused on making Sybase technologies work with SAP and setting the stage for 2012, says Jonker. "We believe 2012 is going to be a big year for us on the database side."
Posted December 21, 2011
More than 350 IOUG members who completed a survey on data security, "Databases Are More at Risk Than Ever: 2011 IOUG Data Security Survey," were entered into a drawing for an Apple iPad. Rob Pierce, an IOUG member - and also a member of the Nashville Oracle Users Group - has been selected as the winner of the iPad in this IOUG ResearchWire sweepstakes drawing.
Posted December 07, 2011
The results of the latest IOUG survey on data security are in and the story is not likely to help data professionals or C-level executives sleep better at night. The study, "Databases are More at Risk Than Ever: 2011 IOUG Data Security Survey," conducted in July 2011 by Unisphere Research, a division of Information Today, Inc., and sponsored by Oracle, finds the security threat level to business is escalating and many information security professionals are concerned about the growing numbers of data breaches as well as the methods by which valuable data is being accessed. The IOUG Data Security Survey has been conducted every year since 2008, and Oracle is making the full report on the 2011 survey, authored by Unisphere Research analyst Joe McKendrick, available on the Oracle website. A short registration form is required for access.
Posted December 07, 2011
Join Oracle and Unisphere for a live webcast to learn more about common practices that are most vulnerable to fraud and error, and the best practices and technologies used by leading vs. laggard organizations to drive the hidden costs out of operations and enforce process controls. Speakers will include Thomas J. Wilson, president, Unisphere Research; Joseph McKendrick, analyst, Unisphere Research; and Stephanie Maziol, director GRC Applications, Oracle.
Posted December 06, 2011
The release of OpenInsight 9.3, the next version of Revelation Software's flagship product, is now imminent, and includes many new features eagerly awaited by Revelation customers. On track to be generally available by the end of the year, Robert Catalano, director of sales at Revelation, says that data encryption is among the major new components in OpenInsight 9.3. "Data encryption will be a key component that will be built into the database. It is data encryption at rest and that means that you can specify tables and fields that are sitting in on your disk drive and that data will be encrypted."
Posted December 01, 2011
Application Security, Inc. (AppSecInc), a provider of database security solutions for the enterprise, will host a webinar roundtable discussion on Tuesday, December 6, at 2 pm ET titled, "Can't We All Just Get Along? Bridging the Gap Between Security Pros and DBAs." The discussion will will focus on the impasse that security pros and DBAs routinely face with the aim that attendees will come away with tips for finding common ground to create a more cohesive working relationship and a more secure data environment.
Posted November 22, 2011
Vormetric, Inc., a provider of enterprise systems encryption and key management solutions, has introduced Vormetric Key Management, a single solution for central control of encryption keys on an enterprise scale. For organizations with heterogeneous database platforms and an increasing number of encryption keys from disparate encryption systems, Vormetric reduces administration costs and security risks. "Enterprises today are encountering significant issues and challenges around encryption key management," Todd Thiemann, senior director of product marketing at Vormetric, tells 5 Minute Briefing.
Posted November 16, 2011
Oracle has announced the latest version of Oracle Identity Analytics (OIA), a component of Oracle Fusion Middleware 11g and the Oracle Identity Management 11g product family. With the release, Oracle Identity Analytics is intended to simplify access review certification with business-centric views and actionable dashboards, enabling a reduction of errors in the certification process and increasing user productivity by up to 80%.
Posted November 09, 2011
People will go to great lengths to avoid identity theft, and many say they would take legal action against government or private organizations that compromise their personal data, according to new research conducted by Unisys. Nearly 90% of the survey respondents said they would take some sort of action in the event of a data breach, ranging from conservative solutions like changing their passwords (87%) to those with more serious commercial implications, such as closing their accounts (76%) or taking legal action (53%).
Posted November 08, 2011
Application Security, Inc. (AppSecInc), a provider of database security solutions, is introducing a new enterprise data security capability, DbProtect Active Response. "Active Response allows us to react in real time to policy violations with a tailored approach that is governed, based on specific events and policy violations we see and the environment that we are operating in," Josh Shaul, CTO of AppSecInc, tells 5 Minute Briefing. "Different customers in different systems will define that kind of thing in their own way, but what is most typical is administrative users accessing and modifying data in the systems they manage." That type of activity is usually out of bounds and is the kind of thing that organizations will typically define as a policy violation - whether it is intentional or accidental - and want to respond, he notes.
Posted October 26, 2011
At OpenWorld, Oracle's annual week-long conference in San Francisco for customers and partners, Andy Flower, president of the Independent Oracle Users Group, spoke with 5 Minute Briefing about the emerging challenges facing IOUG members, the group's plans for the year ahead, including additional training and certification around Exadata, and how Oracle's engineered systems approach is being received. "The overall need for analytics, the growth of data, and the managing and processing of more and more data - those areas are the central themes for us," Flower noted.
Posted October 19, 2011
IBM announced a definitive agreement to acquire privately held Q1 Labs, a Waltham, Massachusetts-based provider of security intelligence software. The move aims to accelerate IBM's efforts to help clients secure their enterprises by applying analytics to correlate information from key security domains and creating security dashboards for their organizations. Financial terms were not disclosed. Following the close of the acquisition, Q1 Labs will join the newly-formed IBM Security Systems division. The new division will be led by Brendan Hannigan, CEO of Q1 Labs.
Posted October 17, 2011
Direct Computer Resources, Inc., a provider of data privacy, file management and application development testing software, has been granted a patent in connection with the data obfuscation technology used in its DataVantage Global software. The software is used for the management and testing of databases and database applications, data migration, and the protection of sensitive data.
Posted September 28, 2011
Vormetric, Inc., a provider of solutions for enterprise systems encryption and key management, and Vcura, Inc., a provider of IT solutions for business, have formed a partnership to develop data protection and regulatory compliance-specific solutions based on the Vormetric Data Security platform for organizations in the U.S. and Canada. "The energy, utilities, and Canadian government markets have unique information security requirements and rely on trusted solution providers for implementation services and support," says Mike Coffield, vice president of Worldwide Channel Operations for Vormetric.
Posted September 21, 2011
Compuware has announced a major upgrade to its test data management solution. Test Data Privacy 3.1 aims to simplify the creation and disguising of test data in non-production environments, lowering the total cost of an enterprise-wide data privacy implementation. The release of Test Data Privacy 3.1 is significant because it enables an enterprise-wide approach to test data privacy, Dennis O'Flynn, product management director at Compuware, tells 5 Minute Briefing. "We have a new user interface that will allow you to interact with both distributed and mainframe data so that a consistent approach can be applied to data privacy."
Posted September 08, 2011
STORServer, a provider of data backup solutions, has added Advanced Encryption Standard (AES) 256-bit encryption to its Archive Backup Client (ABC) and STORServer Data Protection (SDP) software, agents written specifically for OpenVMS customers backing up to IBM's Tivoli Storage Manager (TSM).
Posted September 06, 2011
At the recent VMworld conference, Symantec Corp. announced new enhancements to Backup Exec 2010 designed to provide greater visibility into physical and virtual environments with a single backup solution.
Posted September 06, 2011
VMware, Inc., a provider of virtualization and cloud infrastructure, announced the general availability of VMware vSphere 5, delivering nearly 200 new and enhanced capabilities to help customers transform IT by driving greater efficiency from existing investments and improving operational agility.
Posted September 06, 2011
Informatica Corporation has announced the availability of what the company describes as the industry's first dynamic data masking (DDM) solution. Informatica Dynamic Data Masking provides real-time, policy-driven obfuscation of sensitive data to address a wide range of common data security and privacy challenges without requiring any changes to database or application source code and is intended to address problems that cannot be solved by other technologies such as IAM (identity access management), SDM (static data masking). Informatica Dynamic Data Masking is based on technology developed by ActiveBase, which was acquired by Informatica in July, 2011.
Posted August 29, 2011
The rise of big data has garnered much of the attention in the data management arena lately. But it is not simply the sheer volume of data that is challenging data professionals. Many new types and brands of DBMSs are also popping up across organizations, bringing new problems for the data professionals who are tasked with managing them, and also giving rise to scores of "accidental database administrators" with no formal DBA training, a new Unisphere Research study reveals.
Posted August 11, 2011
EMC Corp. has announced its next generation mainframe virtual tape library (VTL). Designed for use in IBM z/OS and Unisys OS2200 environments, EMC says the new DLm6000 is the industry's fastest mainframe VTL with 2x the performance of its nearest competitor. By leveraging the latest advances in EMC Data Domain and EMC VNX storage systems, the company says the DLm6000 can address the full range of mainframe tape workloads with a single, consolidated all-disk system and will enable mainframe users to minimize their storage and replication costs and improve their disaster recovery capabilities. By matching different workloads to the most appropriate storage, the DLm6000 maximizes system performance and accelerates data retrievals and backup and recovery times. The new EMC DLm6000 will be available in September, 2011.
Posted August 11, 2011
McAfee's recently published analysis of a 5-year targeted cyber attack operation, which it dubbed Operation Shady RAT, should serve as notice for just how sophisticated attackers are becoming, warns Bill Roth, CMO of LogLogic, an IT data management company.
Posted August 09, 2011
Symantec Corp. has announced the availability of Enterprise Vault 10, the new version of its email and content archiving software that now features Symantec's data loss prevention technology. In addition, the latest version of Enterprise Vault 10 offers the ability to archive all social media interactions. "We have seen companies get used to the idea of archiving their email, files, instant messaging, and SharePoint sites, and this is really the next wave," Trevor Daughney, senior manager of product marketing for Enterprise Vault, tells 5 Minute Briefing.
Posted August 08, 2011
IBM and Security First Corp., a data high availability and security company, have announced a joint development agreement aimed at delivering increased performance, security, and high data availability to storage and cloud-based computing customers.
Posted August 08, 2011
Vormetric, Inc., a provider of enterprise systems encryption and key management software, has introduced Vormetric Data Security for SAP, a comprehensive solution that protects data in SAP environments with transparent, high-performance encryption. According to Gretchen Hellman, vice president of product management at Vormetric, SAP modules often contain sensitive data that is under the jurisdiction of the growing numbers of internal governance mandates and external regulations, and so require advanced protection from insider abuse and external breaches.
Posted July 27, 2011
Oracle has introduced the Oracle Exadata Storage Expansion Rack to offer customers a cost-effective way to add storage to an Oracle Exadata Database Machine. "There are customers, earlier Exadata Database Machine customers, that have now started to fill up the disks that they have on the Database Machine and they are starting to look for ways to expand their storage capacity, and so this is going to be really welcome for them," says Tim Shetler, vice president of Product Management, Oracle.
Posted July 27, 2011
The Oracle Applications Users Group (OAUG), the world's largest user knowledgebase for Oracle Applications users, is launching the OAUG Educational Series 2011, a virtual learning series offered to OAUG members from Aug. 8-19, featuring the most popular presentations from the COLLABORATE 11 - OAUG Forum.
Posted July 25, 2011
CA Technologies' Mainframe Security Management products have met the requirements of Common Criteria, an independent security certification recognized by governments in more than 26 countries, including the United States. "CA ACF2 and CA Top Secret are widely used by enterprise level customers, both government and commercial customers, and it's incumbent on us to be diligent in keeping the products current with the most rigorous global security standards," Mark Combs, distinguished senior vice president, mainframe at CA Technologies, tells 5 Minute Briefing.
Posted July 25, 2011
Vormetric, Inc., a provider of enterprise systems encryption and key management solutions, and Fortrex Technologies, Inc., a provider of services and systems for IT security, operational risk, and compliance, have formed a strategic partnership to address the needs of organizations facing regulatory compliance data protection requirements, including the HITECH Act and the Payment Card Industry (PCI) Data Security Standard (DSS). With this partnership, Fortrex, a certified assessor for the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) and PCI DSS Qualified Security Assessor (QSA) company, will offer Vormetric Data Security. "To have a partnership between an encryption vendor and a certified assessor means that the assessor has reviewed the technology and made sure that all of the features within the technology fit all the detailed requirements under the regulations - and there are quite a few," Gretchen Hellman, vice president of marketing and product management, Vormetric, tells 5 Minute Briefing.
Posted July 19, 2011
Melissa Data Corp, a developer of data quality and address management solutions, has announced that its Address Check Web Service is now available on Windows Azure Marketplace DataMarket for Microsoft's Data Quality Services (or any client that embeds the API). Address Check provides real-time address verification and standardization for U.S. and Canadian addresses. Users, from both small and large businesses, can easily add Address Check to their applications to save money on postage and reduce undeliverable mail and shipments by cleaning up inaccurate, incomplete, or undeliverable addresses at point of entry. "It is basically on demand. As they need a service they can use Microsoft's Data Quality Services to link up to the marketplace and pick and choose the types of services almost on an à la carte type of menu," Greg Brown, director of marketing for Melissa Data, tells 5 Minute Briefing.
Posted July 19, 2011