Often this is done by having the admin “check out” the elevated credentials, with a preset expiration period.Ĭredential hygiene is essential to strong database security, because attackers often, if not nearly always, seek to compromise privileged accounts to gain access to confidential data. The majority of admins should be assigned elevated permissions or privileges on a limited basis. Precious data also includes critical subsystems that support delivering and securing actual data, including Active Directory domain controllers, credential databases, DNS, DHCP, network routers, and other services, all of which have their own security defenses. Precious data is stored in databases, application data repositories, and now the cloud, as well as on backup media and removable media. As one CIO told me years ago, “If you think you know where all your data is, you’re kidding yourself.” Identify the crown jewelsįirst, you need to identify your most precious data. Follow these five recommendations and your mission-critical data will be well protected. 1 is to protect the organization’s data - including employee and (especially) customer data.īut guess what? People need to work with that data or you wouldn’t store it in the first place - which is why most data security measures focus on ensuring only trusted, authorized parties get access to it. After all, we don’t deploy antimalware software, tighten security configurations, or implement firewalls to protect users, per se. Nearly everything we do in computer security is meant to protect data.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |