Database Security Articles
CIOs and IT departments are on the frontlines of a monumental IT shift. With the number of mobile devices and applications exploding and bandwidth soaring, they are being asked to find ways to enable the brave new world of enterprise mobility. All involved - from users to IT - recognize the productivity and business efficiency benefits of this trend, but it is typically only IT that also recognizes the dangers unchecked mobility poses to sensitive corporate data.
Posted May 09, 2012
Oracle has announced a major new release of JD Edwards EnterpriseOne, an integrated applications suite of enterprise resource planning (ERP) software. Enhancements in the 9.1 release focus on three main areas - usability and productivity, deeper industry-specific functionality, and greater support for global operations and compliance, Bob Monahan, senior director of product strategy and product management of JD Edwards, Oracle, tells 5 Minute Briefing.
Posted April 25, 2012
EMC Corporation has announced new EMC Data Domain Boost (DD Boost) integration with Oracle Recovery Manager (RMAN). DD Boost software provides advanced integration between EMC Data Domain deduplication storage systems and applications for faster, more efficient backup and recovery. The DD Boost software distributes part of the deduplication process to the Oracle database server and enables RMAN to directly manage Data Domain replication. "This is important because with this new announcement, it really brings complete control of Oracle backup and disaster recovery to the Oracle database administrators," Rob Emsley, senior director of product marketing for EMC's Backup Recovery Systems division, tells 5 Minute Briefing.
Posted April 25, 2012
SEPATON, Inc., a provider of disk-based data protection solutions designed for large enterprises, has announced that its S2100 is the first data protection platform to receive certification by Symantec for supporting Symantec's NetBackup OpenStorage Auto Image Replication (A.I.R.) software. SEPATON has also been certified by Symantec for supporting optimized synthetic backups.
Posted April 17, 2012
Zettaset has announced SHadoop, a new security initiative designed to improve security for Hadoop. The new initiative will be incorporated as a security layer into Zettaset's Hadoop Orchestrator data management platform. The SHadoop layer is intended to mitigate architectural and input validation issues that exist within the core Hadoop code, and improve upon user role audit tracking and user level security.
Posted April 12, 2012
Zetta.net, a provider of enterprise-grade online backup and disaster recovery solutions, has unveiled a new version of its flagship cloud service. According to the company, Zetta DataProtect 3.0 brings enterprise-grade cloud data protection for small and mid-size enterprises in a managed service that requires no appliances and can be deployed within minutes. The solution aims to simplify and automate backups of critical IT assets and enable businesses to access and instantly recover critical files, directories or entire file systems from anywhere via the web.
Posted April 11, 2012
Solution development work is usually accomplished via projects, or a combination of programs and projects. This project perspective often leads to thoughts of documentation as project-owned. And while many documents are project-specific, such as timelines, resource plans, and such, not everything is project-specific. Unless projects are established in a fashion whereby each is very limited in scope to the creation or enhancement of a single application or system, specification and design documents belong to the final solution and not to the project.
Posted April 11, 2012
McAfee, a security technology company, is offering a free downloadable audit plug-in for MySQL databases that records full activity audits, which are often required for enterprises to satisfy certain standards and regulations. The plug-in is designed to supplement McAfee's Database Activity Monitoring sensor. In combination, the plug-in and sensor can offer real-time analysis and policy enforcement for small and medium businesses as well as large enterprises.
Posted April 03, 2012
Citrusleaf, a real-time, distributed NoSQL database technology provider, has announced the immediate availability of Cross Datacenter Replication (XDR), a new product that enables flexibility for running real-time applications easily and seamlessly from different data centers. XDR runs on Citrusleaf 2.0, the company's flagship database platform for high-volume, data-intensive, web-scale and mobile businesses such as digital advertising.
Posted March 28, 2012
Gazzang, Inc., a provider of cloud-enabling, platform-as-a-service products, has released a new encryption and key management platform that secures organizations' big data against the threat of a breach or attack. Named the Gazzang Encryption Platform for Big Data, it protects data stored in Hadoop, Cassandra and MongoDB.
Posted March 27, 2012
Novell announced an update to its ZENworks suite, which includes integrated Mac device management, and full disk encryption capabilities. ZENworks 11 Support Pack 2 enables customers to lock out threats without shutting down IT access, the vendor says. ZENworks 11 now offers a more holistic approach to supporting Mac devices in the enterprise. With this release, Mac support is provided through Remote Management for Mac, Asset Management for Mac, Mac OSX Patching and Mac Bundles.
Posted March 21, 2012
The Unbreakable Enterprise Kernel Release 2 for Oracle Linux is now generally available. The updated kernel includes performance and scalability enhancements. The new release, which is based on the 3.0.16 mainline kernel, also includes improved memory and resource management, and is optimized to be deployed as a virtual guest.
Posted March 14, 2012
IBM unveiled new capabilities planned for its security intelligence platform designed to combine deep analytics with real-time data feeds from hundreds of different sources. This provides organizations the ability to help proactively protect themselves from increasingly sophisticated and complex security threats and attacks using a single platform, the vendor says.
Posted March 05, 2012
Varonis Systems Inc., a provider of data governance solutions and metadata framework technology, is set to release a solution with Varonis DatAdvantage, DataPrivilege and IDU Classification Framework and HP IBRIX X9000 Storage Systems in March. The pairing of the Varonis solution with HP IBRIX X9000 will allow for greater visibility into permissions, safe removal of excessive permissions, detailed audit trails of files, data ownership identification, actionable intelligence on the location of sensitive data, and sensitive content analysis.
Posted February 28, 2012
The challenges of maintaining security and regulatory compliance as applications increasingly move to the cloud - whether public, private or hybrid - will come into greater focus in 2012, says Ryan Berg, cloud security strategy lead for IBM. The need to manage security among an increasingly mobile workforce, with many employees choosing to use their own personal devices, will also be a key concern in 2012, says Berg.
Posted February 23, 2012
EnterpriseDB, designer of enterprise PostgreSQL and Oracle compatibility products and services, has released the latest version of its Advanced Server platform, Postgres Plus 9.1. The latest update offers improvements in read performance and write scalability, as well as greater flexibility and reliability due to its transaction-level control over synchronous replication, an industry first. Postgres Plus Advanced Server 9.1 is also more secure than previous versions due to the addition of Virtual Private Database, and has expanded its Oracle-compatible features.
Posted February 21, 2012
Ntirety, Inc. announced that it has been successfully audited and certified under the MSPAlliance's (MSPA) Unified Certification Standard for Cloud and Managed Service Providers (UCS). The certification is specifically designed to provide business consumers of cloud and managed services with the assurance that the service provider they hire will meet or exceed the highest principles of quality in areas such as financial stability, facilities, managed services practices, and customer satisfaction.
Posted February 07, 2012
Application Security, Inc. (AppSecInc), a provider of database security solutions for the enterprise, and Unisphere Research, today unveiled the findings from the "Data Security At An Inflection Point: 2011 Survey Of Best Practices And Challenges." A detailed overview of the findings and the implications for enterprise organizations will be presented by Joe McKendrick, lead analyst for Unisphere Research, and Thom VanHorn, vice president, Global Marketing, AppSecInc, in a webinar on Tuesday, Feb. 7, at 11 am ET.
Posted January 30, 2012
Was one of your New Year resolutions to get the security patches applied in a timely and efficient manner? Oracle's quarterly Critical Patch Update was released yesterday, and IOUG recommends that you apply security patches on a regular basis in order to maintain the security posture of your Oracle environment. Having procedures already in place will make a rollout of these patches easier allowing for pre-checks of the environment and databases, applying the patches, testing and validations and any post-scripts that should run.
Posted January 18, 2012
CyberSource, a Visa company and a gold-level member of the OraclePartnerNetwork (OPN), announced it has achieved Oracle Validated Integration of CyberSource Payment Management Services with Oracle's ATG Commerce Suite 10. Oracle ATG customers can now more rapidly adopt CyberSource's portfolio of payment management services, helping them to get to market faster and grow with less cost and complexity.
Posted January 04, 2012
Stacks of statistics from many sources share a common theme - growth rates for digital information are extremely high and undeniable. A tsunami of e-information is fueling the engine of today's corporate enterprise, and many businesses are aiming to ride the information wave to prosperity. However, many companies are not sufficiently attentive to all the potential liabilities lurking in the depths of this digital information, including the risks involved in using real, live personal customer and employee data for application development and testing purposes. There's real potential for serious data security, legal and noncompliance risks when businesses fail to protect this data.
Posted December 21, 2011
The first calendar year following SAP's acquisition of Sybase is coming to a close. David Jonker, director, product marketing - Data Management & Analytics, Sybase, discusses key product integrations, IT trends that loom large in Sybase's data management strategies, and the emergence of what Sybase describes as DW 2.0. 2011 has been "a foundational year," with effort focused on making Sybase technologies work with SAP and setting the stage for 2012, says Jonker. "We believe 2012 is going to be a big year for us on the database side."
Posted December 21, 2011
More than 350 IOUG members who completed a survey on data security, "Databases Are More at Risk Than Ever: 2011 IOUG Data Security Survey," were entered into a drawing for an Apple iPad. Rob Pierce, an IOUG member - and also a member of the Nashville Oracle Users Group - has been selected as the winner of the iPad in this IOUG ResearchWire sweepstakes drawing.
Posted December 07, 2011
The results of the latest IOUG survey on data security are in and the story is not likely to help data professionals or C-level executives sleep better at night. The study, "Databases are More at Risk Than Ever: 2011 IOUG Data Security Survey," conducted in July 2011 by Unisphere Research, a division of Information Today, Inc., and sponsored by Oracle, finds the security threat level to business is escalating and many information security professionals are concerned about the growing numbers of data breaches as well as the methods by which valuable data is being accessed. The IOUG Data Security Survey has been conducted every year since 2008, and Oracle is making the full report on the 2011 survey, authored by Unisphere Research analyst Joe McKendrick, available on the Oracle website. A short registration form is required for access.
Posted December 07, 2011
Join Oracle and Unisphere for a live webcast to learn more about common practices that are most vulnerable to fraud and error, and the best practices and technologies used by leading vs. laggard organizations to drive the hidden costs out of operations and enforce process controls. Speakers will include Thomas J. Wilson, president, Unisphere Research; Joseph McKendrick, analyst, Unisphere Research; and Stephanie Maziol, director GRC Applications, Oracle.
Posted December 06, 2011
The release of OpenInsight 9.3, the next version of Revelation Software's flagship product, is now imminent, and includes many new features eagerly awaited by Revelation customers. On track to be generally available by the end of the year, Robert Catalano, director of sales at Revelation, says that data encryption is among the major new components in OpenInsight 9.3. "Data encryption will be a key component that will be built into the database. It is data encryption at rest and that means that you can specify tables and fields that are sitting in on your disk drive and that data will be encrypted."
Posted December 01, 2011
Application Security, Inc. (AppSecInc), a provider of database security solutions for the enterprise, will host a webinar roundtable discussion on Tuesday, December 6, at 2 pm ET titled, "Can't We All Just Get Along? Bridging the Gap Between Security Pros and DBAs." The discussion will will focus on the impasse that security pros and DBAs routinely face with the aim that attendees will come away with tips for finding common ground to create a more cohesive working relationship and a more secure data environment.
Posted November 22, 2011
Vormetric, Inc., a provider of enterprise systems encryption and key management solutions, has introduced Vormetric Key Management, a single solution for central control of encryption keys on an enterprise scale. For organizations with heterogeneous database platforms and an increasing number of encryption keys from disparate encryption systems, Vormetric reduces administration costs and security risks. "Enterprises today are encountering significant issues and challenges around encryption key management," Todd Thiemann, senior director of product marketing at Vormetric, tells 5 Minute Briefing.
Posted November 16, 2011
Oracle has announced the latest version of Oracle Identity Analytics (OIA), a component of Oracle Fusion Middleware 11g and the Oracle Identity Management 11g product family. With the release, Oracle Identity Analytics is intended to simplify access review certification with business-centric views and actionable dashboards, enabling a reduction of errors in the certification process and increasing user productivity by up to 80%.
Posted November 09, 2011
People will go to great lengths to avoid identity theft, and many say they would take legal action against government or private organizations that compromise their personal data, according to new research conducted by Unisys. Nearly 90% of the survey respondents said they would take some sort of action in the event of a data breach, ranging from conservative solutions like changing their passwords (87%) to those with more serious commercial implications, such as closing their accounts (76%) or taking legal action (53%).
Posted November 08, 2011
Application Security, Inc. (AppSecInc), a provider of database security solutions, is introducing a new enterprise data security capability, DbProtect Active Response. "Active Response allows us to react in real time to policy violations with a tailored approach that is governed, based on specific events and policy violations we see and the environment that we are operating in," Josh Shaul, CTO of AppSecInc, tells 5 Minute Briefing. "Different customers in different systems will define that kind of thing in their own way, but what is most typical is administrative users accessing and modifying data in the systems they manage." That type of activity is usually out of bounds and is the kind of thing that organizations will typically define as a policy violation - whether it is intentional or accidental - and want to respond, he notes.
Posted October 26, 2011
At OpenWorld, Oracle's annual week-long conference in San Francisco for customers and partners, Andy Flower, president of the Independent Oracle Users Group, spoke with 5 Minute Briefing about the emerging challenges facing IOUG members, the group's plans for the year ahead, including additional training and certification around Exadata, and how Oracle's engineered systems approach is being received. "The overall need for analytics, the growth of data, and the managing and processing of more and more data - those areas are the central themes for us," Flower noted.
Posted October 19, 2011
IBM announced a definitive agreement to acquire privately held Q1 Labs, a Waltham, Massachusetts-based provider of security intelligence software. The move aims to accelerate IBM's efforts to help clients secure their enterprises by applying analytics to correlate information from key security domains and creating security dashboards for their organizations. Financial terms were not disclosed. Following the close of the acquisition, Q1 Labs will join the newly-formed IBM Security Systems division. The new division will be led by Brendan Hannigan, CEO of Q1 Labs.
Posted October 17, 2011
Direct Computer Resources, Inc., a provider of data privacy, file management and application development testing software, has been granted a patent in connection with the data obfuscation technology used in its DataVantage Global software. The software is used for the management and testing of databases and database applications, data migration, and the protection of sensitive data.
Posted September 28, 2011
Vormetric, Inc., a provider of solutions for enterprise systems encryption and key management, and Vcura, Inc., a provider of IT solutions for business, have formed a partnership to develop data protection and regulatory compliance-specific solutions based on the Vormetric Data Security platform for organizations in the U.S. and Canada. "The energy, utilities, and Canadian government markets have unique information security requirements and rely on trusted solution providers for implementation services and support," says Mike Coffield, vice president of Worldwide Channel Operations for Vormetric.
Posted September 21, 2011
Compuware has announced a major upgrade to its test data management solution. Test Data Privacy 3.1 aims to simplify the creation and disguising of test data in non-production environments, lowering the total cost of an enterprise-wide data privacy implementation. The release of Test Data Privacy 3.1 is significant because it enables an enterprise-wide approach to test data privacy, Dennis O'Flynn, product management director at Compuware, tells 5 Minute Briefing. "We have a new user interface that will allow you to interact with both distributed and mainframe data so that a consistent approach can be applied to data privacy."
Posted September 08, 2011