Data and Information Leakage
Data and Information Leakage:
It is the event of unauthorized transmission of data from within an organization to an external destination or recipient.
Types of Data Leakage
Data Leakage can happen in many forms, yet the bottom line is that, it can initiated equally by an external or internal source. So organization are becoming nowadays are obliged to take more and more protective measures to address all potential area of concern in this regard to ensure that those threats are being prevented. Here are the three most major causes of Data Leakage:
Unintentional Breach:
This type of breach usually happen due to mistaken delivery of confidential information to unintended recipient/s. While this type of breach doesn’t mitigate the potential legal penalties and reputational damage that could occur in such circumstances, additional measures of strategical security designs as of who shall be given what level of security and the scope within which such information shall be communicated.
Ill-Intentional Employee:
This could happen when a disgruntled employee has intention to cause his organization damage intentionally or due to a promise of a hefty payout by a cybercriminal. Which is often referred to as data exfiltration. This can detected and prevented in early stages if the company has invested in their security policies to create preemptive detection and warnings of such potential security threats and breaches.
Phishing Attacks
Which is a by definition a fraudulent trial from a cybercriminal to obtain access to confidential and/or sensitive information such as usernames, passwords and credit card details while disguising their identity as a trustworthy entity over an electronic communication.
Here with DataSunrise as a comprehensive Database Security Suite, we can help you enforce protection against all possible data leakage scenarios in the following ways:
- Database auditing:
DataSunrise is currently helping customers around the globe to meet their security requirements by auditing their ongoing database traffic by enabling them enforce fine grained auditing policies. DataSunrise can help you provide periodic reports for all ongoing
- Data Masking:
Most of the reported data leakages incident were a result of employee abused the trust between themselves and the organization while PoLP, also known as the principle of minimal privilege or the principle of least authority isn’t strictly applied. Access to Personally Identifiable Information is becoming subject to law enforcement around the globe nowadays which is a result of such incidents mentioned above an compliance with such legal regulations can be met by obfuscating this sensitive information and making them available in a format that can help departments like Development and testing get their job done without revealing any sensitive information to them. DataSunrise has an extensive library of masking policies, yet it also has the ability to incorporate its masking operations with custom built programmatic functions. DataSunrise has two ways of masking static to retain the masked information in a separate database instance but it also enables customers to build on their current as it can dynamically mask data on the fly while it’s being served to end users, with minimal overhead as DataSunrise makes sure that the correct query gets pared and passed to the database so it’d absorb any impact on behalf of the database server and almost cause no latency.
DataSunrise masking is an exceptionally outstanding capability of the Database Security Suite. DataSunrise can mask data as per your own defined obfuscation method of choice:
Access Control
While it’s obvious that access to certain contents of the database shall be granted granularly on the database level to the concerned users/applications, it’s highly recommended that you would incorporate an additional layer of security which DataSunrise offers to prevent access to certain contents in the database based on certain schedules to make sure that any attempt to acquire access to the database from certain hosts, applications or even database user can be prevented based on a fine grained security that would traffic to the database if it’s actually welcomed to be passed. This way DataSunrise can actually complete your database security measures by adding another layer of security or a dine-grained Database Firewall, if you will.
DataSunrise Access Security modules Scheduler is an important part of our offering which can be used as per depicted image here: database activities, but also can enable triggering notifications corresponding to thresholds set for activities that would be deemed alarming like an employee exceeding the normal threshold of expected reporting scope. Such features of DataSunrise are there not only to help catch potential offensive breach within the organization but also to reduce the clutter of any false alarms and guarantee that a notification would be propagated to an email or an instant message only when it’s actually needed. An example of how you can do that using DataSunrise is shown below:
So you can allow database activities to be audited for queries of any type you choose and for any number of rows you deem normal or what is deemed otherwise. More on this is detailed in the User Guide of DataSunrise, please reach out to us for more details.
Moreover DataSunrise incorporates the ability to propagate Audit Events to subscribed services for instant notification of Security personnel if an auditing threshold has been hit identifying a potential Data Leakage situation:
This way, you would be able to use this additional layer of security to control the time and access scope of the database contents and reduce the exposure to the minimal level possible by incorporating those layers of Security DataSunrise offers tightening all potential reasons for data leakage.
