Setting Up a Database Security Logging and Monitoring Program

by Jim Horwath
Sept. 1, 2017 0 comments SANS Institute application and database security

Many corporations concentrate the majority of their resources towards securing the perimeter of their networks, often neglecting the most critical company asset, databases. This results in a security architecture that resembles a hard-shell chocolate candy, crunchy on the outside, gooey and vulnerable on the inside. Databases contain the most valuable data companies own – customer, employee, financial and intellectual property to name a few categories. Protecting, logging, and monitoring database data should be a core activity of every business, unfortunately many businesses fail to provide adequate security logging and monitoring for their databases. This paper will discuss implementing a security and logging program with the end goal of increasing the protection of data.