Monday, 28 August 2017 19:24

7 Ways to Ward Off Insider Threats

In this article, Tim Macdermid from MarkLogic outlines the steps organisations need to take to ensure the data itself stays secure within the database.

We hear regularly about confidential information leaking into the public domain by organisations thought to have the toughest security in place. In fact, sixty-nine percent of enterprise security executives reported experiencing an attempted theft or corruption of data by insiders in the past year, according to Accenture and HfS Research.

Add in the numerous other breaches reported of late and the message is clear: securing the perimeter doesn’t always work.

Since the database sits at the core of any enterprise operation – and as it is responsible for leveraging and sharing data securely and privately across internal and external borders – it arguably holds the most power and requires the most protection from the growing issue of insider threats.

Here are steps organisations can take to ensure the data itself stays secure within the database:

  •     Advanced Encryption:  This sophisticated level of encryption protects data from hackers and insider threats using standards-based cryptography, advanced key management, and automatic and fast granular key rotation. It helps to provide separation of duties between the security administrator and any system, network, or database administrator – a key security principle.
  • Element Level Security:  Allows specific elements of documents to be hidden from particular users, providing an even more granular level of security over traditional document-level security. The increased line by line granularity means greater data protection.
  • Redaction:  Eliminates the exposure of sensitive information, such as personally identifiable information. Redaction does this by removing, replacing, or blocking out sensitive information in order to prevent leakage or the violation of laws or regulations. Most importantly, it gives organisations the assurances they need to share data safely.
  • Standards Focus:  Standards Focus security includes features like Common Criteria Certification, compartment security and data auditing, as well as strict access controls and authentication that works with the organisation’s existing IT infrastructure. Common Criteria is an internationally recognised International Standards Organisation (ISO/IEC 15408) used by governments and other organisations to assess the security capabilities of technology products.
  • Principle of Least Privilege:  The requirement that within a particular layer of a computing environment, a user, program, or process only has access to the information and resources necessary to do the job. This includes app security controls around APIs and security capabilities as provided by the database.
  • Effective Data Governance Policies:  It’s important to implement and follow effective data governance policies and best practices such as maintaining access controls, metadata, data quality, and security features. When attributes can travel with the data, as is the case with an operational and transactional enterprise NoSQL database platform, then the policy enforcement can be more granular and effective.
  • The Strongest Available Authentication:  Using the strongest or highest level of authentication ensures the security and quality of the data. Examples of this type of authentication include, LDAP, Kerberos and an external Key Management System.

We live in an era of constant data breaches that often occur from within an organisation. But deploying the latest in data security technologies can help organisations protect against insider theft and negligence. MarkLogic’s industry-leading data security features like advanced encryption, element level security and redaction mean that customers can be confident that their data is not only highly available and manageable, but secure as well.

For more information about MarkLogic 9 – the latest release of next generation database technology – visit www.marklogic.com/what-is-marklogic/whats-new.

About MarkLogic

For over a decade, organisations around the world have come to rely on MarkLogic to power their innovative information applications. As the world’s experts at integrating data from silos, MarkLogic’s operational and transactional Enterprise NoSQL database platform empowers our customers to build next generation applications on a unified, 360-degree view of their data. Headquartered in Silicon Valley, MarkLogic has offices throughout the U.S., Europe, Asia, and Australia. For more information, please visit www.marklogic.com.

For further media information, interviews or images, please contact: Dana O’Neill, PR for MarkLogic, dana@speakeasystrategies.com.

Read 25128 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE

Related items

Share News tips for the iTWire Journalists? Your tip will be anonymous

VENDOR NEWS