Site Sponsor:

mcafee_logo.gif
line

Now Available:

Featured Resource:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Dan or post a comment to the blog.

« Security and the Rise of Low Cost Devices | Main | Sophisticated Attack on Nuke Lab - Spam and Phishing Lures Still Malware Threat »

Database Auditing

We've just added an article on database auditing to the Messaging and Web Security Essential Series. Here is an excerpt:

Database security is gaining more attention and justifiably so. Concerns about compliance, privacy protection and data loss will naturally lead to measures to secure databases and the data they hold. As with other areas of information security, a defense in depth strategy can significantly reduce risks associated with databases. A key element of this strategy is database auditing.
Database auditing can be divided into two subtasks: security assessment auditing and information access auditing. A security assessment audit entails vulnerability scanning, code reviews and an analysis of database management policies and procedures. These are typically done at regular intervals and in conjunction with broader IT operations audits. Information access auditing is more of a monitoring operation and will be the subject of this article. For the remainder of the article, when reference is made to database auditing, it means information access auditing.


This is just one of 25 articles on Web, messaging, database, and related security topics available in the Essential Series.

Tags:      
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Dan Sullivan on December 7, 2007 12:25 PM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-websecurity.com/type/mt-tb.cgi/554

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Latest White Papers

line

Blog Roll

line

Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net