Database Security

Information Security solutions protect enterprise and government data and help address the need for compliance with Government and Industry requirements in physical and virtual systems. Security technologies that help protect against misuse by external hackers and internal privileged users include Data Masking, Data Encryption, Identity Management, Degaussing, Firewalls, Auditing, and Mandatory Access Controls.

Database Security Articles

The continued expansion of structured and unstructured data storage seems to be never-ending. At the same time, database administrators' need to reduce their storage consumption is accelerating as its cost becomes more visible. Today, however, there are data optimization technologies available that can help with the continued data growth.

Posted February 27, 2013

SAP and NetApp say they are tightening their collaboration with the goal of better supporting solutions such as SAP's HANA platform and SAP's NetWeaver Landscape Virtualization Management software. According to the companies, by complementing database solutions from SAP with NetApp storage and data management solutions, they can provide customers an agile data infrastructure for SAP applications that can help them be more competitive and reduce cost of ownership.

Posted February 27, 2013

Oracle has added a new utility to its storage software portfolio that is designed to streamline and automate critical tasks for customers using Oracle Database with Oracle's Sun ZFS Storage Appliance.

Posted February 20, 2013

INNOVATION Data Processing is teaming with storage infrastructure vendor EMC to support customers installing or migrating to the EMC Disk Library for mainframe (Dlm) virtual tape libraries. As part of this arrangement, EMC will offer INNOVATION's FATSCOPY Tape Migration Utility.

Posted February 19, 2013

CA Technologies has begun shipping a new version of its identity and access management (IAM) service solution that extends its reach across multiple vendor cloud platforms. CA CloudMinder now provides support for social identities and additional on-premise and cloud applications such as Microsoft Office 365.

Posted February 19, 2013

Expanding its cloud portfolio, Oracle has unveiled Oracle Infrastructure as a Service (Oracle IaaS) with "Capacity on Demand." "For the first time, you can get Oracle engineered systems deployed on premise behind your firewall for a monthly fee," said Oracle president Mark Hurd, during a live webcast that presented details of the offering. Announced by Oracle CEO Larry Ellison at Oracle OpenWorld in 2012, Oracle IaaS enables organizations to deploy fully integrated engineered systems, including Oracle Exadata Database Machine, Oracle Exalogic Elastic Cloud, Oracle SPARC SuperCluster, Oracle Exalytics In-Memory Machine and Oracle Sun ZFS Storage Appliance in their data centers.

Posted February 13, 2013

FAIR Health has chosen the Oracle Exadata Database Machine with a cluster of Oracle's Sun ZFS Storage 7420 appliances for backup to support its database of more than 15 billion claims. An additional Sun ZFS Storage Appliance supports remote disaster recovery and development. FAIR Health, which is an independent not-for-profit corporation committed to bringing transparency to healthcare costs and out-of-network reimbursement, sought a solution to streamline performance and eliminate the storage bottlenecks in its existing environment. With Oracle Exadata, the organization achieved substantial performance improvements, including a 5x reduction in claims processing time and a 10x faster average performance improvement in applying complex statistical methodologies.

Posted February 13, 2013

Attunity Ltd. and KOM Networks have formed a technology alliance to provide managed file transfer capabilities and archive storage for organizations with rigorous compliance and regulatory requirements through the integration of the Attunity Managed File Transfer (MFT) and KOM Network's KOMpliance. The alliance answers an emerging market need, Matt Benati, vice president of global marketing, Attunity, tells 5 Minute Briefing.

Posted February 12, 2013

Veeam Software Group, a provider of backup, replication and virtualization management solutions for VMware vSphere and Windows Sever Hyper-V, has released Veeam Backup & Replication Cloud Edition. According to the vendor, the solution turns public storage cloud into a data repository for backups, enabling an alternative to tape and traditional offsite backup storage.

Posted February 12, 2013, a provider of backup, disaster recovery and archiving technology, has released DataProtect for NetApp, a new solution for cloud-based offsite backup, replication and disaster recovery for environments that use NetApp filers. According to the company, DataProtect for NetApp does not require any additional hardware, tapes or third-party software, and can deploy an offsite backup solution in less than 30 minutes.

Posted February 12, 2013

HP introduced the new HP StoreEver Storage tape portfolio featuring sixth-generation Linear Tape-open (LTO-6) technology that the company says delivers twice the capacity and 44% faster performance than LTO-5 in the same footprint. HP StoreEver Storage integrates HP's tape products and technologies with HP Converged Storage, HP Data Protector and third-party backup software. According to HP, this integration, coupled with new LTO-6 capabilities, enables HP StoreEver Storage to deliver reliable long-term data protection and retention in a format that meets the needs of nearly any environment.

Posted February 04, 2013

Oracle has merged the core capabilities of the Oracle Audit Vault and Oracle Database Firewall products, creating the new Oracle Audit Vault and Database Firewall product which expands protection beyond Oracle and third-party databases with support for auditing the operating system, directories and custom sources. "It is really one single, streamlined solution to do both security and compliance for Oracle and non-Oracle databases, and extending beyond databases, to operating systems, file systems, and directories - essentially the structure surrounding your database," notes Vipin Samar, vice president, Database Security, Oracle. "Data governance is increasingly important in many organizations and, as we know from the IOUG survey that we did earlier this year, we have very few organizations that are monitoring sensitive data access," adds Roxana Bradescu, director of product marketing, Data Security, Oracle.

Posted January 24, 2013

Oracle has introduced StorageTek LTO 6 Tape Drives with Fibre Channel connectivity for its StorageTek SL8500 and SL3000 Tape Libraries. The new drives offer increased capacity for better with 2.5 TB native storage capacity on a single tape cartridge, enabling customers to process more data in less time, while driving down the cost of tape operations.

Posted January 23, 2013

Verizon Terremark announced it is enhancing its Enterprise Cloud service in terms of increased availability, security and flexibility. Enterprise Cloud computing platforms are being expanded in two of the company's data center facilities located in Dallas and London, Tony Savoy, senior director, Product Management, Verizon Terremark, tells 5 Minute Briefing. Verizon Terremark operates about 50 data centers worldwide, and of those a portion are what the company calls cloud-enabled to support its delivery of cloud family products to clients. The expansion in Dallas extends Verizon Terremark's presence in the central U.S., where it already has a Denver, Colorado, facility. The facility in London is Verizon Terremark's second in the EMEA region.

Posted January 22, 2013

NovaStor, a backup management software provider, announced it has redesigned its backup and restore software for data center administrators. NovaBACKUP DataCenter 5.0 features a new graphic user interface that provides greater access to all backup features.

Posted January 22, 2013

Kroll Ontrack, a provider of data recovery, e-discovery and information management, has introduced the latest version of Ontrack Eraser, a software tool that enables overwrite erasure of data on hard drives to ensure security and so that drives can be re-purposed. The new 4.0 release provides VMware eraser capabilities, expanded drive wiping capacity, and new reporting and security management functionality. "The one thing that the industry is struggling with today is being able to confirm that VMDKs (virtual machine disks), are wiped securely. It is a very manual mundane process today that we have made easier because we have essentially created a software product to help automate that process as well as easier for the customer to select specifically which virtual disks they want to wipe," Abhik Mitra, data recovery product manager at Kroll Ontrack, tells 5 Minute Briefing.

Posted January 10, 2013

IBM has entered into a definitive agreement to acquire StoredIQ Inc., a privately held company based in Austin, Texas. IBM says StoredIQ will advance its efforts to help clients derive value from big data and respond more efficiently to litigation and regulations, dispose of information that has outlived its purpose and lower data storage costs. The acquisition is about "information economics," Ken Bisconti, VP of ECM Marketing, IBM, tells 5 Minute Briefing. "It is really about managing the value of content and information, and helping also to dispose of it defensibly as it becomes of less value."

Posted December 20, 2012

For many years, enterprise data center managers have struggled to implement disaster recovery strategies that meet their RTO/RPOs and business continuity objectives while staying within their budget. While the challenges of moving, managing, and storing massive data volumes for effective disaster protection have not changed - exponential data growth and the advent of big data technologies, have made the challenge of disaster recovery protection more difficult than ever before.

Posted December 19, 2012

The latest IOUG study on database security finds that there are measures that need to be taken to safeguard data from internal abuse; however, preventing privileged users from negligence or malfeasance is a serious challenge. According to this year's study, human error has beat out internal hackers or unauthorized users as the biggest security risk. In addition, more than half of respondents say their organizations still do not have, or are unaware of, data security plans to help address contingencies as they arise. These enterprise data security challenges, and more, are highlighted in a new survey of 350 data managers and professionals by the Independent Oracle Users Group. Underwritten by Oracle Corporation and conducted by Unisphere Research, a division of Information Today, Inc., it covered progress within three key areas of database security - prevention, detection, and administration.

Posted December 19, 2012

Attunity Ltd., a provider of information availability software solutions, has officially launched Attunity CloudBeam, a fully-managed data transfer SaaS platform for Amazon Web Services (AWS) Simple Storage Service (S3). With its beta completed, the high-performance data transfer solution was unveiled and demonstrated live at the AWS re: Invent Customer and Partner Conference from in Las Vegas, NV. "This is aimed at folks today that are using AWS or will be using AWS for all kinds of use cases where data is core to their strategy," Matt Benati, vice president of Global Marketing at Attunity, tells DBTA. "All these use cases demand the movement of data and it really has to be a frictionless movement of data at scale. That is what Attunity does best."

Posted December 19, 2012

In the never-ending battle for enterprise data security, industry experts say there has been progress on several fronts, but there is still much work that needs to be done. There is an enormous amount of data that tends to leak out of the secure confines of data centers, creating a range of security issues. "There are many copies of data which have less security and scrutiny than production environments," Joseph Santangelo, principal consultant with Axis Technology, tells DBTA. "The increased reliance on outsourcers and internal contractors leave sensitive data within corporate walls open to misuse or mistakes." Or, as another industry expert describes it, the supply chain often proves to be the greatest vulnerability for data security. "A typical organization has a direct relationship with only 10% of the organizations in its supply chain — the other 90% are suppliers to suppliers," Steve Durbin, global vice president of the Information Security Forum, tells DBTA.

Posted December 19, 2012

Protecting databases using encryption is a basic data security best practice and a regulatory compliance requirement in many industries. Databases represent the hub of an information supply chain. However, only securing the hub by encrypting the database leaves security gaps because sensitive data also exists alongside the database in temporary files, Extract-Transform-Load (ETL) data, debug files, log files, and other secondary sources. According to the "Verizon 2011 Payment Card Industry Compliance Report," unencrypted data that resides outside databases is commonly stolen by hackers because it is easier to access

Posted December 19, 2012

At OpenWorld, Oracle's annual conference for customers and partners, John Matelski, president of the IOUG, and CIO for Dekalb County, Georgia, gave his perspective on the key takeaways from this year's event. Matelski also described the user group's efforts to help the community understand the value of Oracle's engineered systems and deal with the broad implications of big data, and how the IOUG is supporting Oracle DBAs in their evolving roles.

Posted December 12, 2012

DataMotion has introduced a new version of its SecureMail Gateway, an intelligent monitoring solution that uses policy-based encryption and Exact Matching functionality to prevent data leakage and protect sensitive information in email messages and file attachments. The automated solution takes email security and compliance out of the hands of employees to minimize human error, ensure strict policy enforcement company-wide, and make it easier for organizations to protect information in transit and adhere to privacy regulations.

Posted December 11, 2012

Maintec Technologies has opened a new data center in North Carolina, providing mainframe co-location, mainframe raised floor space, and mainframe managed services. According to Maintec, its new mainframe co-location data center, situated 200 miles inland on the second floor of a brick building, is well-suited for companies in the Raleigh, Durham, Chapel Hill, Morrisville and Cary region. And, for New York and Washington, D.C. companies seeking an inland data center, the Maintec mainframe co-location data center is accessible via the nearby Raleigh/Durham International Airport.

Posted December 10, 2012

HP announced a range of new enhancements to its Converged Storage portfolio, intended to address storage management issues within virtualized, cloud and big data archive environments. The refresh of the company's storage portfolio includes new HP 3PAR StoreServ Storage, HP StoreAll Storage, and HP StoreOnce Backup product offerings. With the understanding that the storage sprawl at many organizations is unsustainable, the goal of the updated HP storage portfolio is to simplify the overall experience within customer environments, Craig Nunes, vice president of worldwide marketing, HP Storage, tells 5 Minute Briefing.

Posted December 10, 2012

Voltage Security, a provider of encryption and key management solutions, has announced a partnership with data integration software provider Informatica to deliver seamless integration of Voltage's data-centric security platform Voltage SecureData with Informatica's data masking software. The integration is aimed at providing protection across the entire application development lifecycle, from creation to production to application retirement. The solution is expected to lower the cost of protecting data in production and non-production environments through a combination of encryption, tokenization and masking capabilities. "We are known as the inventors of format-preserving encryption and that is part and parcel of why Informatica is working with us. Format-preserving encryption solves some unique challenges in masking that you can't do any other way," Jeremy Stieglitz, vice president of business development at Voltage Security, tells 5 Minute Briefing.

Posted November 28, 2012

SAP is planning to deliver six new SAP mobile apps for Windows 8. SAP also announced forthcoming support for Windows 8 development on the SAP Mobile Platform as well as security enhancements to the SAP Afaria mobile device management solution. Through these apps, platform support and security enhancements, SAP said it intends to extend business processes to Windows 8 to accelerate a business' ability to run better with devices of various form factors. The announcements were made at SAPPHIRE NOW + SAP TechEd in Madrid.

Posted November 28, 2012

Grid-Tools Ltd., a provider of test data management, test data generation and data masking software and solutions, has announced enhanced data masking solutions for mainframe users. The company's Enterprise Data Masking suite now provide full native support for data masking and subsetting for z/OS on DB2, VSAM, IMS and Non-Indexed Files.

Posted November 26, 2012

Application and server management solutions provider Idera has released version 5.0 of Idera Server Backup, designed to be an affordable, enterprise-class software solution for physical and virtual server environments. According to Idera, the solution is offered at a price point that is 80% lower on average than competing solutions, and provides a fast and proven solution for backup and recovery for mixed server environments, including physical, virtual, Windows, and Linux.

Posted November 13, 2012

When virtualization was first born, IT departments went gangbusters using this revolutionary change to get better performance out of their servers. In all the excitement of implementation, something not so very small was overlooked — backup and recovery. The lack of proper planning forced jobs and recovery to fail, and backup admins started feeling backed into a corner. Thankfully, times have changed, and IT departments, now very aware of these issues, have gotten savvy at avoiding the potential pains of virtualization infrastructure. But a new challenge has emerged.

Posted November 13, 2012

Asigra Inc., a cloud backup, recovery and restore software provider, has unveiled Asigra Cloud Backup v12, a solution for backing up all enterprise data in a single consolidated repository. Cloud Backup v12 provides cloud application support (SaaS and PaaS), mobile endpoint support, advanced virtual disaster recovery for VMware environments and anytime/anywhere data recovery across the enterprise.

Posted November 12, 2012

In a new survey of 207 IT and data executives, respondents report that their organizations are behind the curve when it comes to managing the risks that could come from exposing live data to less secure settings—including development departments and outside contractors. This is an Achilles' heel that is being overlooked in data security efforts. The survey, which drew responses from the membership of the Independent Oracle Users Group (IOUG), was conducted by Unisphere Research, a division of Information Today, Inc., and sponsored by IBM. The executive summary of the report titled "Testing the Bounds of Data Governance: 2012 IOUG Test Development & QA Survey" is publicly available - and IOUG members may access the full report from the IOUG website.

Posted November 07, 2012

Application Security, Inc. (AppSecInc) has updated its database scanning tool, AppDetectivePro, with expanded capabilities and a new user interface. The new tool allows organizations to quickly and easily understand their security posture and capabilities to proactively remediate vulnerabilities and protect sensitive information.

Posted November 01, 2012

Varonis Systems Inc., a data governance software provider, has released DatAdvantage 5.8, offering customers greater flexibility and management in data governance for unstructured and semi-structured data. Varonis DatAdvantage 5.8 introduces internally developed collectors that can run alongside or instead of Varonis probes running Microsoft SQL. These collectors can collect the information without an SQL server, making implementation easier, improving performance, and reducing overhead. "It is a great investment in our architecture, and it gives you more flexibility about where you can use SQL or not use SQL," David Gibson, vice president of strategy at Varonis, tells 5 Minute Briefing.

Posted October 16, 2012

At Oracle OpenWorld, F5 Networks showcased its integrated solution for Oracle Database Firewall that provides enhanced security for web-based database applications. F5's solution integrates F5 BIG-IP Local Traffic Manager (LTM) and BIG-IP Application Security Manager (ASM) with Oracle Database Firewall to protect against SQL injection attacks and provide richer forensic information about these threats.

Posted October 10, 2012

Real-time IT management company ManageEngine, a division of ZoHo Corp., debuted key product portfolio enhancements at Oracle OpenWorld 2012. In addition to its flagship network monitoring software (NMS), OpManager, the company has upgraded its network configuration and change management (NCCM) solution, DeviceExpert, and enterprise password management software, Password Manager Pro. "Historically, IT has been more of a batch-oriented organization, where you submit a problem and wait for some resolution but as businesses make technology more ingrained in their overall revenue generation and profit generation functions, you just can't have that. It has got to move with the pace of business, and so a lot of the product announcement and development focus for us has been to deliver more real-time capabilities," Raj Sabhlok, president of ManageEngine, tells 5 Minute Briefing.

Posted October 09, 2012

Database security company Application Security, Inc. (AppSecInc) has announced the general availability of a major new release of its flagship platform, DbProtect. Version 6.4 incorporates insights gained from 10 years of working with customers, Josh Shaul, CTO of AppSecInc, tells 5 DBTA. DbProtect is intended to let organizations evaluate the security of their database environment and have access to preventative controls so they can eliminate security risks without the need to patch or reconfigure databases. With this release, the product, which has been rebuilt from scratch, offers a much easier to use interface as well as the ability to provide various groups of stakeholders with individual views based on a single scan, thereby limiting the burden on the database as well as limiting user access based on roles, notes Shaul.

Posted September 26, 2012