RDX Database Auditing and Breach Protection Services

Introduction

Ensuring that sensitive data is protected on a real time basis is a challenging task. Network perimeter security mechanisms do not protect against internal data thefts, and many companies have recently learned the actions they took to protect their sensitive data from external threats were not as effective as originally planned.

2014 Data Breach Costs – The Ponemon Institute Study

Any time sensitive data is breached, it can threaten the survivability of the organization. According to the 2014 Cost of Data Breach Study by the Ponemon Institute, the total average cost paid by US organizations per data breach incident was $5.9 million. The average number of records breached was 29,087

The root causes and costs of the reported breaches analyzed by the study were as follows:

  • 44% Malicious or Criminal Attack - $246 per record breached
  • 31% Human Error - $160 per record breached
  • 25% System Problems- $171 per record breached

The Ponemon Institute study predicts that there is a 19% probability that a company will experience a data breach of a minimum of 10,000 records within the next 24 months.

Small to Mid-Size Businesses are not Immune from Attack

“My business is too small to be a target” is an erroneous assumption. According to the Symantec 2014 Breach Investigations Report, companies with less than 250 employees ac- counted for 31% of all reported attacks: Visa reports an even more alarming statistic: 85% of all Visa card breaches occur at the small to medium-sized business level The National Cyber Security Alliance SMB report states that 60% of small businesses close their doors within 6 months of a data breach.

How RDX’s Security Offering Helps Protect Your Organization

This whitepaper provides details on RDX’s database security services offering that is designed to help your organization protect their environments and more easily adhere to govern- mental and internal reporting requirements. RDX’s service offering includes:

  • Vulnerability assessment scans quickly identify current vulnerabilities, allowing them to be addressed. Organizations can then demonstrate compliance to auditors using subsequent scan output.
  • Advanced reporting templates allow customers to easily adhere to both their organization’s internal reporting standards and industry compliance regulations including (PCI, HIPAA, SOX, GLBA, SSAE16/SAS70)
  • Reports can be customized and scheduled according to customer requirements
  • Data breach protection prevents internal or external unauthorized access by proactively ensuring that security best practices are followed and providing the ability to stop unauthorized access, whether malicious or accidental, from occurring

As new vulnerabilities are discovered, virtual patching helps protect database without system upgrade or downtime until DBMS updates are issued by vendor and applied

RDX/Intel Security (McAfee) Partnership

RDX has selected Intel Security as its partner for this service offering. Intel Security is an industry leading security software provider whose sole focus is protecting its customers against security threats. Intel’s security labs are staffed by more than 500 professional security researchers who were responsible for identifying 35 million instances of new malware in 2012. Intel Global Threat Intelligence offers the most comprehen- sive threat intelligence on the market that gives users visibility across all threat vectors—file, web, message, database and network.

Database Activity Monitoring allows organizations to gain vis- ibility into all database activity, including local privileged ac- cess and sophisticated attacks from within the database itself. Monitoring helps customers protect their most valuable and sensitive data from external threats, malicious insiders and ac- cidental exposure by alerting them to data access in real time that violates predefined security policies.

RDX has integrated the features and functionality provided by Intel’s database security products into its support environ- ment—allowing organizations to take advantage of a world- class security monitoring, auditing and breach protection at a fraction of the cost of in-house implementations.

RDX’s Database Auditing and Protection Services

RDX’s service offering consists of: Customizing the Security Offering, Vulnerability Assessments, RDX’s Database Security Analysts, Database Auditing and Breach Protection and Ongo- ing Security Services.

Customizing the Security Offering

RDX offers multiple service tiers to meet the unique needs of any organization. The proven security and compliance platform enables customers to quickly and cost effectively improve your security posture by protecting critical assets with flexible services tailored to address specific needs and/or compliance requirements. Your database security needs are as unique as your business and because solutions are not one-size-fits-all, RDX offers tiered service levels that allow you to create the perfect compliance or monitoring program for your organization’s needs.

All service tiers include:

  • An overview of the installation and configuration of RDX’s security monitoring architecture which includes an RDX-supplied security console appliance
  • Detailed discussions on RDX’s security monitoring imple- mentation to ensure each customer understands how RDX’s data protection strategies will safeguard their data from unwarranted access
  • Development of criteria used to generate alert event notifications and breach protection
  • Creation of documented incident response escalation procedures based upon alert event notifications

Secure Tier One Services include:

  • 24x7 security monitoring and breach protection
  • Automated database virtual vulnerability patching

Secure Tier Two Services include:

  • 24x7 security monitoring and breach protection
  • Automated database virtual vulnerability patching
  • Fact finding discussions to identify customer’s audit reporting needs including:
    • Industry standard audit compliance reporting re- quirements including PCI DSS, SOX, HIPAA, GLBA and SSAE16/SAS70
    • Custom audit reports based on user activity
  • Creation and scheduling of industry standard and custom user activity auditing reports

Vulnerability Assessments

The vulnerability scan provides a detailed security analysis of the database instance(s) being protected. Its intent is to identify current vulnerabilities to allow RDX and the customer to quickly address them. This makes it easier to demonstrate compliance to auditors and improves protection of critical assets. The scan conducts a check of more than 5,000 potential database vul- nerabilities across all platforms. This process includes:

  • PCI DSS, SOX, HIPAA, GLBA and SSAE16/SAS70 vulnerability scan templates provided by Intel Security ensure all com- pliance requirements are analyzed
  • Rescans can be quickly performed to ensure continued compliance
  • Automatically detects new databases on the network
  • Analysis of the protected instances for patch status, weak passwords, default accounts and other common vulner- abilities
  • Remediation recommendations for most high-priority vul- nerabilities
  • RDX’s security analysts will present the scan results to cus- tomers and provide valuable insight into the security flaw, the type of exposure or vulnerability it presents.
  • Schedule ongoing scans to run on a recurring basis to en- sure that no new vulnerabilities are identified

RDX’s Database Security Analysts

RDX dedicates an entire team of security professionals that are responsible for creating, implementing and enhancing a stra- tegic blueprint for the proactive monitoring required to protect sensitive database data stores. Since the support blueprint is already in place, companies employing RDX to protect their databases do not have to spend the additional monies required to create a robust auditing and breach protection architecture. RDX’s Database Security Analysts provide the following benefits:

  • A team dedicated to advanced security monitoring implementation and notification/escalation activities
  • Ensure that customer environments are monitored and protected at all times
  • Onsite and onshore around-the-clock staffing
  • RDX Security Analysts provide segregation of duties to adhere to internal and governmental regulations
  • Execution of predefined notification and escalation procedures
  • Responsible for improving and enhancing RDX’s security service capabilities
  • Ensuring that all monitoring components are functioning as expected
  • Perform security system upgrades to ensure that all new features are quickly leveraged by each customer

Database Breach Protection

24 X 7 breach protection is the heart of RDX’s security service offering. Customers utilizing RDX’s security services can rely upon a monitoring architecture created and supported by one of the industry leaders in critical environment monitoring. RDX has 20 years of remote monitoring experience and currently processes 25,000 individual event checks every 5 minutes from over 4,000 servers. This offering includes:

  • Breach protection can be configured to prevent the state- ment from running, disconnect the user, send alerts and quarantine the user to prevent further access
  • A non-intrusive, lightweight monitoring sensor is installed on each monitored target
  • Console software is installed on an RDX appliance that is supplied to customer
  • RDX Security Analysts work with each customer to create security event identification criteria to alert or terminate sessions based on, but not limited to:
    • User
    • Application program
    • IP or host name
    • Time of day
    • Type of statement (SELECT, INSERT, DELETE, TRUNCATE, UPDATE, ALTER, DROP, etc.)
  • RDX’s Security Analysts review alerts generated during initial implementation to reduce false alarms by collecting data and identifying expected behavior

Database Auditing and Reporting (Secure Tier Two Services)

Database Activity Monitoring can also be used for audit compli- ance reporting. Because of the non-intrusive, lightweight de- sign, and the ability to remove authorized users from reporting output, many of our clients find this service to be a perfect solu- tion to satisfy their compliance reporting needs.

  • Auditing capabilities use much less resources than native database auditing
  • Activity monitoring logs all access to sensitive data for audit purposes, including complete transaction details
  • Report templates allow customers to easily adhere to both their organization’s internal reporting standards and industry regulations including (PCI, HIPAA, SOX, GLBA, SSAE16/SAS70)
  • Auditing reports can be customized and scheduled according to customer needs

Ongoing Security Services

RDX also provides ongoing services as an integral part of their security offering. These services help customers to protect sensitive database data stores from ever changing external and internal threats. For customers choosing RDX’s Secure Tier Two Services, RDX will provide advanced reporting for specific audit requirements (PCI, HIPAA, SOX, GLBA, SSAE16/SAS70) and customized user activity auditing per customer requirements. These ongoing security services include:

  • Perform periodic vulnerability scans to ensure that recent changes have not increased exposure to security threats
    • Scan for new databases added to network
  • Security Auditing and Reporting Services (Secure Tier Two Services)
    • Configure and schedule auditing reports
  • Provide advice to customer personnel on patching and upgrades

Conclusion

RDX’s database security services allow customers to protect and audit their critical database systems without incurring the costs traditionally associated with the implementation and support of a robust security monitoring architecture. In addition, custom- ers choosing RDX’s security protection services are able to le- verage an entire support staff that is dedicated to ensuring their systems are protected against unauthorized access. This unique offering allows all organizations to take advantage of a world- class security protection infrastructure at a fraction of the cost of in-house implementations.

About RDX

Remote DBA Experts (RDX) is the leading provider of remote database and operating system administration and monitoring Services. Since its inception in 1994, RDX has provided 100% US-based, 24X7 support for Oracle, SQL Server, DB2, RDB and MySQL databases as well as operating system support for all major UNIX and LINUX offerings.

Media Banner: 
 
image description
All Customers Receive
timely service 24x7 Support from DBA Experts
united states support 100% Onshore DBA Solutions
team of resources Dedicated DBA Resources
database service Customized
SLAs