SANTA CLARA, Calif.--(BUSINESS WIRE)--McAfee today announced a comprehensive database security solution that protects business-critical databases without impacting performance and availability. McAfee’s coordinated approach, based on the Security Connected initiative launched in October 2010, involves protecting a company’s most important data assets from network to server to the database itself. This approach means the data is protected in every state (data in motion, data at rest, and data in use) via access controls, network security, server security, data protection and encryption - all centrally managed to minimize risk and maximize efficiency.
Businesses store their most critical and sensitive data in databases and because they are frequently part of mission-critical applications, database administrators will often create locked-down “gold” configurations optimized for performance and availability. They are reluctant to alter these optimized configurations in order add security software on the machine for fear of performance degradation or potential downtime. In a recent market outlook survey by Evalueserve, databases were cited as the most challenging part of IT infrastructure to protect, which explains why for many customers the level of database protection does not match the criticality of the data. Research shows that more than 92 percent of records breached involved a database, with more than 87 percent based on exploits requiring significant technical skills.
“Data is the lifeblood of every organization. Any loss, interruption, or breach could mean disaster,” said Stuart McClure, senior vice president and general manager, Risk and Compliance, McAfee. “McAfee is committed to providing our customers with best-in-class database security solutions. We designed a comprehensive security solution to protect even the most dynamic of database environments. Our commitment is made more evident by today’s announcement of our pending acquisition of Sentrigo, a leading provider of database security, monitoring and intrusion prevention solutions.”
McAfee Approach to Database Security:
- Automated Discovery and Assessment: In order to protect against abuse or attack, organizations need to have a comprehensive understanding of their database environment and where they are vulnerable. The McAfee solution includes McAfee Vulnerability Manager for Databases which automatically discovers all databases on the network, collects a full inventory of configuration details, determines if the latest patches have been applied and scans for vulnerabilities.
- Comprehensive Protection: Protection of critical databases involves protecting the data in motion, at rest and in use. It starts with network firewall and intrusion prevention to enable organizations to confidently discover, control, and analyze traffic and protect new and existing databases by allowing only the appropriate users and applications to access the databases. McAfee also ensures the server environment, whether physical or virtual, is optimally protected without impact to database throughput via application whitelisting and host intrusion prevention. To complete the solution, McAfee provides the third layer of defense on the data itself, whether at rest or in use through Data Loss Prevention (DLP) which helps ensure data integrity and utilizes policy to prevent improper transmission of critical data.
- Manage and Monitor: To maintain optimal protection, database security needs to be centrally monitored and managed to ensure fast access and reliable use. The McAfee database security solution is managed by ePolicy Orchestrator and includes McAfee Database Activity Monitoring (DAM), which not only tracks database changes, but also protects a customer’s most valuable and sensitive data from external threats and malicious insiders with real-time alerts and session termination.
“Users are increasingly anxious about the security of their data, and are looking for database security solutions that provide uniform coordination with policy management,” said Carl Olofson, research vice president of database management and data integration software research at IDC. “Having the ability to protect data at rest, in motion and in use through access control, encryption and auditing is a key area of importance. The ability to track vulnerability issues is a key differentiator which businesses are looking for when choosing database security solutions.”
Database security is a key element of McAfee’s overall strategy to secure data centers including servers. Organizations are placing more data than ever in their databases and moving to next-generation data centers that rely on fewer but far more powerful servers. To meet the needs of server security McAfee has a complete portfolio of products including McAfee Total Protection for Server and McAfee Management for Optimized Virtualized Environments (MOVE) to ensure server uptime and protection against advanced persistent threats.
McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), is the world's largest dedicated security technology company. McAfee delivers proactive and proven solutions and services that help secure systems, networks, and mobile devices around the world, allowing users to safely connect to the Internet, browse and shop the Web more securely. Backed by its unrivaled Global Threat Intelligence, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. McAfee is relentlessly focused on constantly finding new ways to keep our customers safe. http://www.mcafee.com
NOTE: McAfee is a registered trademark or trademark of McAfee or its subsidiaries in the United States and other countries. Other marks may be claimed as the property of others.