Comprehensive Database Security

Similar documents
McAfee Embedded Control

McAfee epolicy Orchestrator

McAfee Embedded Control for Retail

Securing Your Microsoft Azure Virtual Networks

McAfee Public Cloud Server Security Suite

Securing Your Amazon Web Services Virtual Networks

McAfee Total Protection for Data Loss Prevention

McAfee MVISION Cloud. Data Security for the Cloud Era

SIEM: Five Requirements that Solve the Bigger Business Issues

United Automotive Electronic Systems Co., Ltd Relies on McAfee for Comprehensive Security

SIEM Solutions from McAfee

GDPR: An Opportunity to Transform Your Security Operations

Security and PCI Compliance for Retail Point-of-Sale Systems

Security by Default: Enabling Transformation Through Cyber Resilience

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

McAfee Embedded Control

THALES esecurity: SECURING YOUR DIGITAL TRANSFORMATION

Building Resilience in a Digital Enterprise

McAfee Embedded Control for Healthcare

McAfee Endpoint Security

align security instill confidence

HIPAA Regulatory Compliance

Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF)

IBM Internet Security Systems Proventia Management SiteProtector

CipherCloud CASB+ Connector for ServiceNow

McAfee Application Control/ McAfee Change Control Administration

Protecting Your Enterprise Databases from Ransomware

Symantec Network Access Control Starter Edition

McAfee Advanced Threat Defense

McAfee Skyhigh Security Cloud for Amazon Web Services

SOLUTION BRIEF FPO. Imperva Simplifies and Automates PCI DSS Compliance

Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs

Privileged Account Security: A Balanced Approach to Securing Unix Environments

SOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

White Paper. Why IDS Can t Adequately Protect Your IoT Devices

VORMETRIC TRANSPARENT ENCRYPTION ARCHITECTURE

ADDRESSING PCI DSS 3.0 REQUIREMENTS WITH THE VORMETRIC DATA SECURITY PLATFORM

Integrated McAfee and Cisco Fabrics Demolish Enterprise Boundaries

SECURITY PRACTICES OVERVIEW

McAfee Embedded Control for Aerospace and Defense

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

Choosing the Right Security Assessment

Teradata and Protegrity High-Value Protection for High-Value Data

Power, Patch, and Endpoint Managers Expand McAfee epolicy Orchestrator Platform Capabilities While Cutting Costs

HIPAA Compliance Checklist

CloudSOC and Security.cloud for Microsoft Office 365

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

Automating the Top 20 CIS Critical Security Controls

McAfee Database Security Insights

TRANSPARENT ENCRYPTION ARCHITECTURE

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Symantec Client Security. Integrated protection for network and remote clients.

An ICS Whitepaper Choosing the Right Security Assessment

Global Manufacturer MAUSER Realizes Dream of Interconnected, Adaptive Security a Reality

CA Security Management

Watson Developer Cloud Security Overview

Total Protection for Compliance: Unified IT Policy Auditing

McAfee Endpoint Threat Defense and Response Family

Data Sheet: Endpoint Security Symantec Network Access Control Starter Edition Simplified endpoint enforcement

Symantec Network Access Control Starter Edition

McAfee Complete Endpoint Threat Protection Advanced threat protection for sophisticated attacks

SYMANTEC DATA CENTER SECURITY

Symantec Security Monitoring Services

McAfee Virtual Network Security Platform

Expand Virtualization. Maintain Security.

Reducing Operational Costs and Combating Ransomware with McAfee SIEM and Integrated Security

Say Yes to BYOD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices WHITE PAPER

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Data safety for digital business. Veritas Backup Exec WHITE PAPER. One solution for hybrid, physical, and virtual environments.

PROTECT AND AUDIT SENSITIVE DATA

The Convergence of Security and Compliance

epldt Web Builder Security March 2017

6 Vulnerabilities of the Retail Payment Ecosystem

SMARTCRYPT CONTENTS POLICY MANAGEMENT DISCOVERY CLASSIFICATION DATA PROTECTION REPORTING COMPANIES USE SMARTCRYPT TO. Where does Smartcrypt Work?

Fine-Grained Access Control

McAfee Product Security Practices

Encryption Vision & Strategy

Secure Access & SWIFT Customer Security Controls Framework

Symantec Network Access Control Starter Edition

SECURE DATA EXCHANGE

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

Oracle Database Vault with Oracle Database 12c ORACLE WHITE PAPER MAY 2015

Industrial Defender ASM. for Automation Systems Management

Defend Against the Unknown

Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT

Compliance Brief: The National Institute of Standards and Technology (NIST) , for Federal Organizations

SAP Cybersecurity Solution Brief. Objectives Solution Benefits Quick Facts

McAfee Skyhigh Security Cloud for Citrix ShareFile

Best Practices in Securing a Multicloud World

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

The McAfee MOVE Platform and Virtual Desktop Infrastructure

10 Hidden IT Risks That Might Threaten Your Business

Who s Protecting Your Keys? August 2018

McAfee Web Gateway Administration

Transforming Security from Defense in Depth to Comprehensive Security Assurance

Complete document security

Five Essential Capabilities for Airtight Cloud Security

Trustwave Managed Security Testing

Sustainable Security Operations

Transcription:

Comprehensive Database Security Safeguard against internal and external threats In today s enterprises, databases house some of the most highly sensitive, tightly regulated data the very data that is sought after by malicious insiders and external attackers. With solutions from McAfee and Thales esecurity, your organization can establish a strong, comprehensive defense for databases and the assets they contain. McAfee Compatible Solution from Thales esecurity Vormetric Data Security Platform Vormetric Transparent Encryption Vormetric Application Encryption Vormetric Data Security Manager McAfee Data Center Security Suite for Databases McAfee Vulnerability Manager for Databases McAfee Database Activity Monitoring McAfee Virtual Patching for Databases Vormetric Key Features Data-at-rest encryption. Integrated key management. Privileged user access control. Granular audit logs. 1 Comprehensive Database Security

The Limitations and Risk of Traditional Approaches Within your enterprise, databases represent a central aggregation point and a focal point for thieves. Databases are where a wide range of corporate assets ultimately reside, including sensitive, regulated resources, like customer payment data, patient records, intellectual property, and much more. In short, your databases, whether physical or in the cloud, hold the data that matters to your business and the data that is prized by malicious insiders and external attackers. The traditional focus of security teams has been on establishing and shoring up perimeter defenses. However, these defenses leave your organization s databases exposed to a range of insider threats: Privileged users can exploit their visibility and permissions to access private data, sabotage configurations, and hide their tracks. Other staff can abuse their access privileges, or they may inadvertently circumvent policies and leave data exposed. If administrator or user credentials are compromised, external attackers can also exploit these permissions to wage attacks. To comply with your organization s security policies and regulatory mandates, your security teams need to address these threats. This requires the establishment of strong defenses for corporate data in databases. Joint Solution McAfee and Thales esecurity provide a joint solution that establishes comprehensive protections for sensitive database assets, whether they are physical or cloud-based. The integrated solution enables you to implement multilayer defenses, so that your organization can guard against a wide range of threats. The solution includes: McAfee Data Center Security Suite for Databases: This solution helps safeguard databases against abuse from authorized and unauthorized access, including malicious database administrators, SQL injection attacks, and more. Vormetric Data Security Platform from Thales esecurity: With Vormetric solutions, organizations can establish strong controls over sensitive data in databases and files, whether they are on premises or in the cloud. Vormetric helps guard against abuse at the system level, for example, safeguarding against administrator abuse or lost or stolen media. McAfee Solutions McAfee Data Center Security Suite for Databases includes technologies that can scan, monitor, and secure databases. The suite features these products: McAfee Vulnerability Manager for Databases: Automatically discovers databases on your network, determines if the latest patches have been applied, and conducts more than 4,700 vulnerability checks. Key Capabilities McAfee Data Center Security Suite for Databases Maximizes visibility and protection from all sources of attacks. Monitors external threats, privileged insiders, and sophisticated threats, from within the database. Protection from threats, even before installing vendor-released patch updates. Non-intrusive software design means no disruption to production databases. Vormetric Data Security Platform from Thales esecurity Secure all data-at-rest, including databases, logs, and unstructured data for both physical and cloudbased deployments. Centrally manage cryptographic keys, policies, and access. Quickly detect advanced persistent threats (APTs) and insider abuse. Simplify encryption deployment and management. Address the most stringent security policies and compliance mandates. 2 Comprehensive Database Security

McAfee Database Activity Monitoring: Automatically finds databases on your network and protects them with a set of preconfigured defenses. The product monitors activity on each database server and can spot and block malicious behavior in real time. McAfee Virtual Patching for Databases: Shields databases from the risk presented by unpatched vulnerabilities. The product can detect and prevent attempted attacks in real time. With the offering, you can apply patches without having to test applications or take databases offline. Thales esecurity Solutions The Vormetric Data Security Platform delivers robust encryption and key management, granular access controls, and logging. Security teams can encrypt sensitive database data and apply granular policies as to who can decrypt that data. By leveraging the Vormetric Data Security Platform, organizations can address their most stringent security policies and regulatory mandates The Vormetric Data Security Platform from Thales esecurity includes these products: Vormetric Data Security Manager: Provides a central platform for managing encryption, policies, keys, and security intelligence. Offered as a physical or virtual appliance, Vormetric Data Security Manager enables your administrators to centrally manage encryption across thousands of databases. Vormetric Transparent Encryption: Equips your security team with file-level encryption, access control, and security intelligence. Vormetric Typical Threats: Abuse of database access, including SQL injections Users Applications Database Operating System Data Typical Threats: Unauthorized system access to data or lost media (server, disk) Awareness of database user and rights Database discovery, activity audit and access controls Database file encryption, filelevel audit and access controls Cryptographic key management Figure 1. By leveraging McAfee and Thales esecurity solutions, organizations can protect their databases against a broad range of threats. Transparent Encryption can be deployed without having to re-architect applications, infrastructure, or business practices. Vormetric Cloud Encryption Gateway: Enables organizations to safeguard files in cloud storage environments. The cloud security gateway solution encrypts sensitive data before it is saved to the cloud storage environment, enabling security teams to establish the visibility and control they need around sensitive assets. Vormetric Application Encryption: Makes it easy to add column-level encryption to an existing application. Development teams can implement the solution without having to acquire encryption or key management expertise. With Vormetric Application Encryption, your organization can secure sensitive 3 Comprehensive Database Security

Privileged Users *$^!@#)( - _}?$%-:>> root SA user Approved Processes and Users John Smith 401 Main Street Encrypted and Controlled Clear Text Vormetric Security Intelligence Logs to McAfee Enterprise Security Manager Operating System DSM Vormetric Data Security Manager virtual or physical appliance File System Application Database Storage Server Volume Managers Allow/Block Encrypt/Decrypt Big Data, Databases, or Files Encrypted Cloud Administrator, Storage Administrator, and Others *$^!@#)( - _}?$%-:>> Figure 2. Thales esecurity solutions augment McAfee database security solutions, enabling organizations to enforce encryption and granular policies over sensitive data access. data in fields or columns in any database. You can encrypt data before it is written into the database and ensure data is encrypted at the application server, in transit, and in the database. Vormetric Solution Advantages By deploying the Vormetric Data Security Platform from Thales esecurity, your organization gains several key advantages: Flexible implementation and broad environment coverage: By leveraging the platform s flexible implementation of centralized policy and key management, you can address security policies and compliance mandates across databases and files whether they are located in the cloud, in virtual infrastructures, or in traditional infrastructures. Vormetric solutions offer significant flexibility in implementing security in the cloud. Choose virtual or hardware appliances, and run them in the provider s cloud or on premises. Either way, your organization retains control over keys and data. Structured and unstructured data support: Vormetric solutions complement the database discovery capabilities offered by McAfee. The Vormetric Data Security Platform from Thales esecurity gives your IT organization a consistent and repeatable method for managing encryption, access policies, and security intelligence for all structured and unstructured data. Granular privileged user access policy enforcement: With the Vormetric Data Security Platform from Thales esecurity, security teams 4 Comprehensive Database Security

can enforce granular, least-privileged user access policies by user, process, file type, time of day, and other parameters. Security teams can control not only whether users are granted access to clear-text data, but what file system commands are available. With Vormetric, organizations can create a layer of separation between systems and the data they hold. In this way, security teams can enable administrators to manage configurations and ongoing maintenance on specific database servers, without being able to view the sensitive data that resides on those systems in the clear. Comprehensive compliance controls and audit trails: The optional combination of Vormetric Security Intelligence logs and McAfee Enterprise Security Manager meets many general compliance and regulation controls for data encryption, data sovereignty, least-privileged policy, and data access auditing. The Vormetric Data Security Platform from Thales esecurity delivers detailed logs that can prove to an auditor that encryption, key management, and access policies are working effectively. Logs specify when users and processes accessed data, under which policies, and if access requests were allowed or denied. The logs will even reveal when a privileged user submits a command like switch user in order to attempt to imitate another user. In addition, Vormetric audit logs can be fed into McAfee Enterprise Security Manager to speed detection of APTs and insider abuse and to create compliance reports. Administrative simplicity: Vormetric Data Security Platform from Thales esecurity offers a range of features that help minimize the time and effort associated with implementing and maintaining encryption. The platform features file encryption capabilities that can be implemented without requiring any recoding of associated applications. Further, it offers a unified and centralized platform for managing data-at-rest encryption and key management across an enterprise. Learn More To learn more about the McAfee Enterprise Security Manager and Vormetric Data Security from Thales esecurity joint solution, please visit McAfee or Thales esecurity. 2821 Mission College Boulevard Santa Clara, CA 95054 888 847 8766 www.mcafee.com McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others. Copyright 2017 McAfee, LLC. 3395_0817 AUGUST 2017 5 Comprehensive Database Security

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback