Database Monitor access control management
17.09.2020
Back to blog listSearchInform Database Monitor is a database activity monitoring software, which purpose is to mitigate an insider breach.
The software enables your risk manager automatically monitor enterprise-wide database activity, audit databases and business applications, prevent unauthorized data access and simplify compliance with data privacy and protection regulations like PCI DSS, Basel, HIPAA and full GDPR.
One of the key functions of SearchInform Database Monitor is access control management. It is crucial for any business, however small, to effectively manage employee actions and protect business data with its digital assets.
What is Unauthorized Access?
Unauthorized access is commonly understood as without permission access. A non-authorized employee somehow gains access to a company’s confidential data and somebody else’s endpoints, applications or devices.
Common causes of unauthorized access are:
• Phishing or so called stealing of user credentials
• Weak or shared passwords
• Abuse of position to gain unauthorized access
• Zeus/Zbot malware, which comprises of botnets aimed at gaining unauthorized access to financial systems by stealing credentials, banking information and financial data
In order to prevent employee’s endeavour to access confidential data they should not be accessing it is highly advisable to use rigid software.
Access control solutions can be used to stop employees from entering unsafe areas. Read more.
By adjusting access rights you will be able to control:
• Data, which includes leads and business opportunities
• The information created by employees within their work-time
• Information concerning product specifications
• Customer details such as name, phone number and address
• Records of commercial transactions
• Data concerning employee, investors, stakeholders and media interactions
Access control solutions is not a fanciful whim, but rather an indispensable business management tool.
Your risk manager will receive notification about all violations against security policy and will be able to mitigate the insider misdemeanor. The violations are visible in the AlertCenter console in the Incidents tab.
Case 1
Our experience proves that sometimes a regular employee can be more dangerous than a hacker.
A company’s accountant of one of our client did a regular report for CEO containing a detailed information on the terms and conditions of suppliers.
Inadvertently, the accountant confused the email address and sent this highly confidential base to one of the contractors. The accountant exported the needed details from a database he wasn’t supposed to have access to, but there were no elaborate policies to manage access rights restrictions.
As a consequence, the contractor seized a comprehensive package of insider financial information resulting the company into losing a decent amount of money.
Sending information to a wrong email address is a common case, the reason of which is naivety and carelessness of employees.
Case 2
This story occurred a couple years ago when our specialists detected that the database containing personal information of the hotel’s guests of our client company was freely available to all network users.
The information included card number details, names and surnames, passport numbers and booking dates.
Detecting this, SearchInform analysts were able to not only download, but also edit the data.
It appeared that the organization did not have a rigid security control of their data. Here the mention should be made, that after being informed the hotel quickly fixed the mistake. Otherwise, a big GDPR fine could be imposed.
Case 3
Next case displays an access violation in a major bank. Crucial business data featuring stock packages and personal accounts of shareholders leaked to the media. This incident significantly tarnished the bank's reputation. After conducting a thorough investigation, a risk compliance manager shed a light on the fact, that a number of regular employees had access to highly sensitive databases, whereas only C-level executives should. The disclosed information resulted into a remarkable loss of income over the year.
How does DAM solution prevent this type of incidents?
SearchInform Database Monitor will help you in detecting suspicious employee activity. As you set up security policies, you will receive immediate alerts upon questionable access activity. The software automatically builds a white list of the data objects regularly accessed by individual database accounts, it also blocks access when a profiled account attempts to access a data object that is not whitelisted.
SearchInform Database Monitor allows protecting your data proactively. Operating on-premises, in the cloud or blended hybrid, software specifies and enforces uniform data security and compliance policy. Database Monitor facilitates a transparent control across relational databases, mainframes, big data platforms, data warehouses, and enterprise file stores.
Our records in access control management prove that we work on a consultative basis and comprehend that no two businesses access control requirements will be the same, hence we made SearchInform DAM solution highly adjustable and customer tailored.
How does it work?
DAM Specifications
Database Monitor features a wide set of capabilities for MS SQL Server and PostgreSQL databases.
Database Monitor is used to create a shadow copy of SQL queries and responses to them via proxying them between the client and server. Interaction with the DBMS is performed through ODBC/JDBC interface. Database Monitor allows selecting databases and monitoring them: tracking changes in DB size, free and occupied space of storage with captured queries.
SearchInform Database Monitor can be used as a separate product or jointly, being integrated in SearchInform Risk Monitor. The joint use allows controlling operation of employees inside the infrastructure as a whole and in the corporate databases, providing seamless protection of the whole corporate information space.
