Once again we are talking mostly about internal intruders, those getting access to information they are not authorized to use or using authorized information in an unauthorized manner.
And three recent product releases could point you in the right direction or at least help you frame the issues.First we note that Embarcadero Technologies Inc's recent acquisition of database-security software maker SHC Ambeo Acquisition Corp. has yielded database-monitoring software in the form of Ambeo's Activity Tracker, a database-auditing mechanism that monitors all user activity in real time, and Usage Tracker, which provides historical statistics on how data is being accessed and used.
Similarly, Consul Risk Management Inc. brought out version 6.0 of its flagship InSight Suite that helps administrators analyze user and system activity and report on who touched what information and how those actions may violate external regulations or internal security policies.
And earlier this week Tizor unveiled its Mantra activity-auditing appliance. Mantra monitors what individual users are doing with mission critical applications and data by using analytics capabilities such as behavioral fingerprinting, which detects patterns in user activity that could signal malicious activity.
What each of these monitoring systems has in common is the focus on user activity rather than simply checking access rights. You may have policies governing the use of corporate databases, but no matter how well defined the policies, if you lack visibility into the usage patterns, you lack the controls required under several regulations, including SOX and HIPAA.
And the usage behavior doesn't have to be malicious to be non-compliant. The ability to flag and investigate abnormal data use, no matter how inadvertent, is just as important as catching those with bad intent.
When it comes time to attest to your internal controls, how your data is used can reveal just as much as who is using it.