The RCP achieves compliance for data protection with the use of Secerno SQL for ensuring database protection
Secerno has successfully deployed Secerno.SQL, its award winning database security solution, at the Royal College of Physicians (RCP), an internationally acclaimed UK educational and membership organisation with over 22,000 Fellows and Members worldwide.Through this deployment, the RCP has ensured protection of all its highly sensitive data, both from known and unknown threats as well as SQL (Structured Query Language) injection attacks, currently the fastest growing threat to the security of organisations’ databases. Christopher Venning, IT and Network Support Manager, RCP, commented: “Over the years, we have invested heavily in protecting our network perimeter and locking down our website. However, the threat landscape is continually evolving and hacker attacks are becoming highly targeted, cleverly written to circumvent network defences. “We hold highly confidential information on our members. A data security breach would have disastrous ramifications for us, damaging not only our reputation, but also the security of our members, to whom we have a duty of care.” The implementation of Secerno.SQL involved a thorough security audit of all RCP’s legacy applications, identification of database storage areas, interactivity between databases, and data access policies across the organisation. Based on the findings, Secerno tailored its solution to meet the specific requirements of RCP in a logical and easy-to-understand format, ensuring best practice, clearly defined data access policies and thereby a very high level of data protection. Steve Hurn, CEO of Secerno, adds: “In view of the ever-increasing complexity of security threats, organisations can no longer make do with disjointed security measures, especially in today’s web-centric and geographically dispersed business environments. Security and data protection compliance can only be successful if measures are in place to actively pre-empt security breaches. Reactive security measures are futile – the damage in those situations has already been done.” Venning concludes: “Despite being a relatively new implementation, the results are clearly visible. We have a better understanding of how, why and by whom our databases are being used. And more importantly, we are in a position to continually make security improvements. It has been a very sound investment.”
|
