Ensuring that sensitive data is protected on a real time basis is a challenging task. Network perimeter security mechanisms do not protect against internal data thefts, and many companies have recently learned the actions they took to protect their sensitive data from external threats were not as effective as originally planned.
Any time sensitive data is breached, it can threaten the survivability of the organization. According to the 2014 Cost of Data Breach Study by the Ponemon Institute, the total average cost paid by US organizations per data breach incident was $5.9 million. The average number of records breached was 29,087
The root causes and costs of the reported breaches analyzed by the study were as follows:
The Ponemon Institute study predicts that there is a 19% probability that a company will experience a data breach of a minimum of 10,000 records within the next 24 months.
“My business is too small to be a target” is an erroneous assumption. According to the Symantec 2014 Breach Investigations Report, companies with less than 250 employees ac- counted for 31% of all reported attacks: Visa reports an even more alarming statistic: 85% of all Visa card breaches occur at the small to medium-sized business level The National Cyber Security Alliance SMB report states that 60% of small businesses close their doors within 6 months of a data breach.
This whitepaper provides details on RDX’s database security services offering that is designed to help your organization protect their environments and more easily adhere to govern- mental and internal reporting requirements. RDX’s service offering includes:
As new vulnerabilities are discovered, virtual patching helps protect database without system upgrade or downtime until DBMS updates are issued by vendor and applied
RDX has selected Intel Security as its partner for this service offering. Intel Security is an industry leading security software provider whose sole focus is protecting its customers against security threats. Intel’s security labs are staffed by more than 500 professional security researchers who were responsible for identifying 35 million instances of new malware in 2012. Intel Global Threat Intelligence offers the most comprehen- sive threat intelligence on the market that gives users visibility across all threat vectors—file, web, message, database and network.
Database Activity Monitoring allows organizations to gain vis- ibility into all database activity, including local privileged ac- cess and sophisticated attacks from within the database itself. Monitoring helps customers protect their most valuable and sensitive data from external threats, malicious insiders and ac- cidental exposure by alerting them to data access in real time that violates predefined security policies.
RDX has integrated the features and functionality provided by Intel’s database security products into its support environ- ment—allowing organizations to take advantage of a world- class security monitoring, auditing and breach protection at a fraction of the cost of in-house implementations.
RDX’s service offering consists of: Customizing the Security Offering, Vulnerability Assessments, RDX’s Database Security Analysts, Database Auditing and Breach Protection and Ongo- ing Security Services.
RDX offers multiple service tiers to meet the unique needs of any organization. The proven security and compliance platform enables customers to quickly and cost effectively improve your security posture by protecting critical assets with flexible services tailored to address specific needs and/or compliance requirements. Your database security needs are as unique as your business and because solutions are not one-size-fits-all, RDX offers tiered service levels that allow you to create the perfect compliance or monitoring program for your organization’s needs.
All service tiers include:
Secure Tier One Services include:
Secure Tier Two Services include:
The vulnerability scan provides a detailed security analysis of the database instance(s) being protected. Its intent is to identify current vulnerabilities to allow RDX and the customer to quickly address them. This makes it easier to demonstrate compliance to auditors and improves protection of critical assets. The scan conducts a check of more than 5,000 potential database vul- nerabilities across all platforms. This process includes:
RDX dedicates an entire team of security professionals that are responsible for creating, implementing and enhancing a stra- tegic blueprint for the proactive monitoring required to protect sensitive database data stores. Since the support blueprint is already in place, companies employing RDX to protect their databases do not have to spend the additional monies required to create a robust auditing and breach protection architecture. RDX’s Database Security Analysts provide the following benefits:
24 X 7 breach protection is the heart of RDX’s security service offering. Customers utilizing RDX’s security services can rely upon a monitoring architecture created and supported by one of the industry leaders in critical environment monitoring. RDX has 20 years of remote monitoring experience and currently processes 25,000 individual event checks every 5 minutes from over 4,000 servers. This offering includes:
Database Activity Monitoring can also be used for audit compli- ance reporting. Because of the non-intrusive, lightweight de- sign, and the ability to remove authorized users from reporting output, many of our clients find this service to be a perfect solu- tion to satisfy their compliance reporting needs.
RDX also provides ongoing services as an integral part of their security offering. These services help customers to protect sensitive database data stores from ever changing external and internal threats. For customers choosing RDX’s Secure Tier Two Services, RDX will provide advanced reporting for specific audit requirements (PCI, HIPAA, SOX, GLBA, SSAE16/SAS70) and customized user activity auditing per customer requirements. These ongoing security services include:
RDX’s database security services allow customers to protect and audit their critical database systems without incurring the costs traditionally associated with the implementation and support of a robust security monitoring architecture. In addition, custom- ers choosing RDX’s security protection services are able to le- verage an entire support staff that is dedicated to ensuring their systems are protected against unauthorized access. This unique offering allows all organizations to take advantage of a world- class security protection infrastructure at a fraction of the cost of in-house implementations.
Remote DBA Experts (RDX) is the leading provider of remote database and operating system administration and monitoring Services. Since its inception in 1994, RDX has provided 100% US-based, 24X7 support for Oracle, SQL Server, DB2, RDB and MySQL databases as well as operating system support for all major UNIX and LINUX offerings.