Web Application & Development
At its core, security is all about risk reduction. One of the most effective database security practices, defense-in-depth, employs multiple layers of protection to reduce the risk of intrusion. It is analogous to the many defensive layers surrounding a medieval castle: drawbridge, moat, the outer wall, the inner keep, archers manning the wall, soldiers stationed outside the wall, etc. No single level of defense is infallible; and yet all of these layers cannot ensure the castle will be 100% impenetrable. However, these layers of protection can make the castle (and its crown jewels) less vulnerable to attackers.
In Atlas monitoring involves reviewing, analyzing, and even simulating attack on own database to find security holes. This is considered a crucial piece in a layered defense methodology because it is necessary to identify what types of vulnerabilities are in existence and where they are so that they can be properly patched and fixed. This will also facilitate Altas to suggest you the effective preventive measures, database performance tuning schedules and reduce the vulnerabilities on a larger scale.
We in Atlas also ensure Security auditing which an independent review and examination is of data processing system records and activities to test for adequacy of system controls, to ensure compliance with established security policy and operational procedures, to detect breaches in security, and to recommend any indicated changes in control, security policy, and procedures. Intrusion detection/security auditing is a method of monitoring and responding to an attack when it occurs, and depending on the degree of severity, it will also allow you to respond to valid yet- potentially malicious activity. In a worst-case scenario, should an attack happen, you will be alerted on the activity and be better enabled to counter with a quicker response before your database can be thoroughly exploited and your sensitive data compromised. In addition, you will also want to locate and fix the hole through which the attackers came through.
Monitoring and security auditing of your organization’s database applications is a critical component of achieving a strong defense-in-depth strategy around your sensitive data. However, to be efficient and effective Atlas uses the right combination of tools. Monitoring and security auditing should never replace other necessary layers in the security stack, instead it should complement the existing pieces. Database intrusion detection and security auditing continues to grow in importance because of the rising volume of successful database breaches, and the resulting security legislation and regulations.
