IPLocks Privacy & Security Solution
Complete Automation for Lights-Out Operations
The IPLocks Privacy & Security solution addresses the ever-evolving threats to data privacy and security. Compliance requirements typically focus on specific data domains, whereas privacy and security threats are more broad-based. To face these threats, many businesses have developed or are in the process of developing a top-down approach to privacy and security.
The large scope of top-down privacy and security programs means that implementation must be very judicious in its use of resources; otherwise, programs could collapse under the load of the data they generate. IPLocks has specific features that help organizations address each of the key requirements.
For the larger, less specific scope of Privacy and Security, the key requirements are:
- Information Protection to ensure:
  - Only the right people can see and modify data
  - Changes made by authorized users are authorized changes
- Focused Enforcement to constrain the scope of the problem to something smaller than monitoring everything all the time
- Data Assurance to double-check the integrity of data in databases
Information Protection.
Take preventative measures -- an ounce of prevention is worth a pound of cure. Good preventative measures target systemic flaws in privacy and security. Once fixed, these areas must be monitored to prevent security weaknesses from creeping back in. For example:
- Tightly Control User Privileges. Establish a baseline, resetting access rights based on actual need, not historical precedents. Then, monitor privilege changes with periodic management review.
- Preserve Data Integrity. Monitor metadata changes and tie them to change management systems for authorization and accountability. Also, monitor privileged user activities and review transactions for authenticity. Remember, DBAs are not the only privileged users; many managers also have escalated privilege levels.
- Automate Data Protection. Automated policies enable immediate remediation, reducing the likelihood of backlogs and unauthorized behavior going unnoticed.
Focused Enforcement.
Identify risks and design effective controls to mitigate threats as appropriate. While it may be possible to monitor every transaction, it may not be wise. Some risks are better addressed with data sampling than with continuous monitoring.
- Guard Critical Data. High-risk data such as credit cards and financial transactions can be monitored without altering applications or hurting performance. Protect your brand; don't be a statistic.
- Pro-active Policies. Establish controls and policies that stop problems before they happen. Adaptable policies can be configured based on the criticality of the data.
- Monitor for Legitimacy. Co-ordinate database activity with change management and trouble ticketing systems. Use continuous policies for critical data; use guard schedules to sample activity for less-sensitive data.
Data Assurance.
Don't just trust the effectiveness of internal controls -- verify it! Maintaining audit data and policy violations enables forensic analysis and verification. IPLocks enables:
- Independent Audit Data. Audit data is collected using a variety of mechanisms and stored within IPLocks. Since IPLocks is separate from production applications, DBAs don't have access to the audit data and cannot erase or alter critical event records.
- Content Audits. Verify both ends of complex transactions. Batch jobs are a good example. Ensure that the number of records imported corresponds to the number of records originally exported. If not, the resultant data set lacks integrity.
- Enterprise Verification. With SNMP and the Command-Line Interface, IPLocks events can be cross-checked with planned activities and reference data.