Page 190 - DCAP508_DATABASE_ADMINISTRATION
Database Administration
2. Risk and Compliance: the risk and security teams seek to implement tight controls
around the data stores in order to ensure data confidentiality and integrity, while limiting
access to privileged users and subsequently identifying fraudulent activities. Preventive
security solutions and controls, such as encryption and access management, are not effective
for authorized/legitimate user access. Thus, the DAM solution can be successfully deployed
in order to fulfill the security controls required by:
i. Data Governance
ii. Risk Management
iii. Audit
iv. Regulatory Compliance.
Through tight integration with DLP and SIEM solutions, the DAM solution extends the
network controls and the security framework to the databases and data stores as well.
3. Policy Enforcement: Database Firewall includes a complete set of predefined, customizable
security and audit policies. Security alerts can be sent to SIEM, ticketing systems, and other
third-party solutions to streamline business processes.
Business Impact
The solutions can be deployed offpath or inline. In order to comprehensively monitor and
detect fraudulent activity, a solution must monitor all the “gateways” to the data store. Thus,
software agents should also be considered for monitoring local activity (the server console or
other applications connecting to the database).
If the solutions are deployed offpath, then there is no impact on the monitored network
segments.
If the solutions are to be deployed inline in protect mode (database firewall), then several
considerations are to be taken into account:
• Usually the solution is deployed in transparent mode, with no IP addressing on the traffic
interfaces. Thus, the DAM should have fail-open functionality in order to allow the
traffic to pass through in case of platform malfunction.
• Minimum latency – the latency induced in the network has to be minimal.
• The enforcement of the security policies is to be done in stages – first deployed non-intrusively,
and only upon successful testing are the security policies to be enforced.
• Proper performance dimensioning in order to withstand peak traffic, in terms of both
legitimate and malicious traffic; if the device cannot operate properly under heavy load,
this will have a direct impact on the business process.
• Access policies have to be reviewed each time a modification is made to the
application, at both the application and the user access policy level; failing to do this can result
in blocking legitimate traffic and/or blocking legitimate users’ access.
• Data audit – when turned on, it consumes resources very heavily; thus, a sufficiently
powerful hardware appliance has to be deployed.
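The staged enforcement and the policy review after an application change, described in the list above, shown as an added example that is not part of the original text: a policy is first run in monitor mode, and is moved to enforce mode only if replaying known-legitimate traffic produces no would-be blocks. The rule names, accounts, tables and statements are all constructed assumptions.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    user: str     # database account the rule applies to, "*" for any account
    pattern: str  # regular expression matched against the SQL statement

# Hypothetical policy (constructed for this example).
POLICY = [
    Rule("no-bulk-card-read", "*", r"^select\s+\*\s+from\s+cards\b(?!.*\bwhere\b)"),
    Rule("app-no-ddl", "webapp", r"^\s*(drop|alter|truncate)\b"),
]

def matches(policy, user, sql):
    """Names of the rules that the statement violates for this account."""
    return [r.name for r in policy
            if r.user in ("*", user) and re.search(r.pattern, sql, re.I)]

def evaluate(policy, mode, user, sql):
    """Monitor mode only alerts; enforce mode blocks the same violations."""
    hits = matches(policy, user, sql)
    if not hits:
        return "allow", hits
    return ("block" if mode == "enforce" else "alert"), hits

def promotion_report(policy, baseline):
    """Replay known-legitimate traffic; list what enforce mode would block."""
    return [(u, s, h) for u, s in baseline if (h := matches(policy, u, s))]

def ready_to_enforce(policy, baseline):
    """Promotion gate: enforce only when no legitimate statement is hit."""
    return not promotion_report(policy, baseline)

# Constructed samples of legitimate traffic captured during the monitor stage.
BASELINE_V1 = [
    ("webapp", "SELECT pan_last4 FROM cards WHERE customer_id = 42"),
    ("dba", "ALTER TABLE orders ADD COLUMN note TEXT"),
]
# After an application change, the app account starts running a migration.
BASELINE_V2 = BASELINE_V1 + [("webapp", "ALTER TABLE sessions ADD COLUMN ua TEXT")]

if __name__ == "__main__":
    print("v1 ready to enforce:", ready_to_enforce(POLICY, BASELINE_V1))
    for user, sql, hits in promotion_report(POLICY, BASELINE_V2):
        print("v2 would block:", user, hits, sql)
```

The second baseline fails the gate because the unchanged policy now hits a legitimate statement, which is the situation the policy review after an application change is meant to catch before enforcement.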
184 LOVELY PROFESSIONAL UNIVERSITY