When most IT professionals start planning for better database security, implementing database activity monitoring, encryption, and patch management all come to mind as the first steps to shoring up their sensitive data stores. These are all definitely imperative to create strong data security, but jumping into projects like these without properly segregating data and segmenting the network is putting the cart before the horse.
“Medium to large organizations are not segmenting enough,” says Chris Novak, managing principal at Verizon Business. “In these organizations they’ve got databases spread over offices, campuses, and complexes around the globe. And the problem is that if they’re not segmenting, then a risk in one place becomes a risk everywhere.”
According to experts, network segmentation lays the foundation for the most effective database security programs for a number of reasons, but perhaps the most important one is pragmatism. Even though database security practices have improved dramatically during the past few years, very few organizations are even close to perfecting these practices.
Read the full story at Dark Reading.