Data base administrators and security professionals have been urged to take a proactive approach to data security by making encryption a priority if they wish to effectively protect the most vulnerable elements of their IT systems.
The 2016 Data Breach Investigation Report by Verizon Enterprise indicates that databases are the second most frequently targeted asset by people inside an organisation, trailing only desktop computers.
William Makatiani, CEO, Serianu, notes that over 75% of cyber-attacks in the East African region are caused by insiders, mostly disgruntled employees. The situation is worsened by the fact that the content only has an approximate of 3,500 certified security personnel.
Speaking at the Africa Security Summit in Tanzania, Janusz Naklicki, Oracle’s Senior VP for Africa said this proactive approach is fundamental to spotting and neutralising these threats before they have a significant impact on company data.
Cyber security is one of the major challenges corporates are facing in the current business environment. Many of these concerns centre around the rise of hacking, a threat which has continued to outpace other means of attack by a large margin, and which has grown proportionally alongside today’s lucrative information black market.
Every year, organizations pour billions of dollars into information security. And like clockwork, every year hackers find new ways to access and steal sensitive data. A nearly US$300 billion global cybercrime market is a powerful incentive for keeping ahead of the technology curve. Indeed, the market for stolen credit cards alone is north of US $100 billion, handily outstripping the entire global cocaine market. Africa is no exception.
According to Nacklicki, building a database security strategy is the first step for a company in ensuring security has been addressed inside out.
“It is surprising, then, that businesses don’t prioritise investment in protecting their databases. Even if an organisation’s perimeter is breached, by placing security controls around sensitive data, detecting and preventing SQL injection attacks, monitoring database activity, encrypting data at rest and in transit, redacting sensitive application data, and masking non-production databases, organisations can reduce the risk of data exfiltration,” he added.
Point-of-sales intrusions have been identified as one of the largest contributors to data breach incidences. This is attributable to the fact that Point-of-sale devices continue to be a reliable source for this data, notably the POS terminals that directly consume magnetic stripe information from customers.
It is essential to get check out the monitoring options available for the POS environment and validate the implementation.
As a means to curb cybercrime, Oracle has delivered the industry’s most advanced technology to safeguard data at the source—the database. Oracle provides a comprehensive portfolio of security solutions to ensure data privacy, protect against insider threats, and enable regulatory compliance for both Oracle and non-Oracle databases.
The technology firm’s powerful preventive and detective security controls include database activity monitoring and blocking, privileged user and multifactor access control, data classification and discovery, transparent data encryption, consolidated auditing and reporting, secure configuration management, and data masking.