Why Breadth Matters for Data Center Security

The conventional wisdom on enterprise security is that it’s a best of breed game. So I get asked frequently how Imperva can hope to be best of breed at two “different” things: application security and data security. The answer is simple. Imperva focuses on one thing: data center security. And doing that right happens to mean you need to be good at both application security and data security.

Yesterday Imperva announced SecureSphere 10.0. Apart from the eye-catching new crowd-sourced security intelligence offering for WAFs, the release included coverage for a range of new data center assets including Active Directory, Network File System (NFS), IBM IMS (mainframe database), and PostgreSQL (open source database). As with application security and data security, these things might seem unrelated to the uninitiated, but they aren’t.

The unifying relationship lies in the goal of the defender. CISOs aren’t asked to protect one component or another of a critical business system. They are expected to protect the entire system, meaning all of its components from web applications through directories, structured databases, and unstructured files.

One question customers ask almost daily is about Microsoft SharePoint. It’s a hugely successful collaboration tool that almost every enterprise has been using for some time, whether or not central IT security was aware of it. And last year was the year that those same security organizations figured out there is sensitive data in SharePoint. So their natural first question is: how do I secure that data?

Well, first, SharePoint has a web front end. And like any other web application, SharePoint applications are vulnerable to a wide range of technical and logical attacks and need protection.

Second, what most people use SharePoint for is to manage unstructured data like Office documents and SharePoint lists. Much of that data is sensitive, containing intellectual property or business plans or even regulated consumer data. So you need to audit and control access to it – wherever it resides.

Next, to know who’s who, you will need an understanding of Active Directory as that’s the default (and by far the most common) store of identity against which SharePoint enforces authorization policy.

And finally, under the covers, all of those files are stored in a SQL Server database. So your regulator will want you to show you control the access of privileged SQL Server DBAs.

Think of any information system that is core to your business. What are its components? I bet it has a Web or mobile front end and accesses some set of important data stored either in a database or in some sort of file share or collaboration system. Now, if your goal was to secure that system, what security components would you need?

via Why Breadth Matters for Data Center Security – Imperva Data Security Blog.
