Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Sony Breach Illustrates Corporate Database Security Insufficiency

Origin Storage : 06 May, 2011  (Technical Article)
Origin Storage comments on the Sony data breaches and examines the implications for data security in large corporate environments
Sony Breach Illustrates Corporate Database Security Insufficiency



Reports that Sony is in database leak hell - with a further 25 million users of its online entertainment service having had their credentials compromised - is serious blow to the Japanese IT giant's credibility but, says Origin Storage, the bigger question is what other database leaks are lurking in the electronic undergrowth.


According to Andy Cordial, managing director of the secure storage systems specialist, with major database incursions taking place on an almost daily basis, it is clear that current corporate security defence strategies are no longer enough.


"Quite aside from the Sony double-whammy, there have been hacks of several corporates, including the Epsilon database cracking incident, in recent weeks. Regardless of what caused these incursions, it is now clear that the database security systems in active use on both sides of the Atlantic are no longer sufficient," he said.


"Most security professionals understand that a multi-layered approach can be the best option, but - until now - this was not always the most cost-effective approach. The $64,000 question, however, is what is the real solution to this pressing issue," he added.


The answer, says the Origin Storage MD, is that a multi-layered approach need not be the expensive option that many IT managers are so fearful off.


Technologies can provide a highly cost-effective solution to data that needs to be moved around, including across and even outside the office.


It's important, he explained, to understand the difference between data at rest and data on the move, as well as the need to better defend data on a centralised database.


Good security, Cordial argues, is all about deploying the optimum security for a variety of situations. With a centralised database, there may be an argument for the use of multi-level authentication technology alongside encryption, meaning that even if the encryption system is broken for whatever reason, access to the data can still be restricted.


And when IT staff have move data around on a portable basis, perhaps for backup purposes, he says, they can use multi-level security.


What we are seeing, says the Origin Storage MD, is an obvious change in the modus operandi of hackers who are intent on extracting user credentials from as many corporates as possible.


Whatever their methodology, however, the fact is that IT managers need to raise the bar when it comes to protecting their data, and this can most cost-effectively be carried out using a mixture of security technologies.


"It's very easy to lose sight of the fact that fraudsters will always tend to gravitate towards the easiest system to crack. Put simply, this means that, if you make it difficult enough for them on your own firm's IT systems, they will go elsewhere," he said.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo