Why strengthen database protection?
“Through our monitoring centers, we try to detect suspicious or abnormal situations. However, in a world of finite resources (skills, resources, … limited), we see in the news, that unfortunately malicious acts, theft or the destruction of data, can be advantageous to some. Excellium360 has been designed to target data protection more precisely. To protect data in the context of the cloud, or data warehouses directly.” answers Christophe Bianco, Managing Partner at Excellium Services.
Moreover, regulations nowadays oblige entities to take measures to guarantee data protection. Beyond compliance, envisaged at a legal level, this protection must be reflected in the approach to IT security. To protect the most essential data and ensure business continuity, it is at the database level that security must be strengthened. How to protect against a data leak? This question is a key concern for many business leaders. The increase in the number of data leaks and ransomware cyber-attacks in recent months is cause for concern. With the strengthening of data protection regulations, organizations are more exposed than ever to sanctions from regulators. “Companies are having to juggle with an increasing volume of data. On the other hand, they have to take into account increasingly stringent regulatory issues. They must therefore prioritize their choices and invest wisely to protect themselves against the risks associated with data management,” says David Dutertre, Solutions Offering Manager, at Excellium Services.
Secure data effectively beyond compliance
The implementation of the General Data Protection Regulations (GDR or GDPR) was intended to strengthen data protection. “Too often unfortunately, the GDPR has been approached from a compliance perspective and not from a security perspective. It remains difficult for many companies to ensure and demonstrate that the means to ensure data protection are well applied”, comments Gaëtan Franquin, Pre Sales at Excellium Services.
The cybersecurity company, market leader in Luxembourg and present in Belgium, France and sub-Saharan Africa, has made this observation on numerous occasions. “We are regularly mandated by insurance companies to intervene at one of their customers’ premises after an incident,” continues Gaëtan Franquin. “In 80% of cases, if there is a data breach, it is very difficult to find traces to determine the cause, assess the extent of the problem or identify the data concerned.”
To have a global view on sensitive data
Faced with these challenges, Excellium Services has recently decided to strengthen its global IT Security Management offer. With Excellium 360, it leverages IBM’s Guardium solution to ensure optimal database protection. Beyond the security of IT systems, it is important to have a global view of the status of your data,” says David Dutertre. Today, behind every application there is a database that needs to be protected. Now we can offer permanent monitoring of these sources of information (which usually contain essential structured data) in order to detect anomalies.”.
Ensure data security in compliance with regulations
It is these databases that are most often the targets of attack, because they usually contain a lot of data that can be exploited easily by malicious individuals. However, leaks can also be unintentional, for example being sent from one employee to another via an infected mailbox,” explains Gaëtan Franquin. The IBM Security Guardium solution allows you to verify that data is managed and secured in compliance with GDPR and other regulations, and to quickly produce compliance reports. In addition, it enables real-time monitoring of data access and manipulation. It is therefore possible to know, for each piece of data, whether it has been modified or extracted. “
The tool can continuously assess the level of safety, prevent problems, detect intentional or unintentional leaks, and provide support for incident response and the recovery of operations. “The organization has greater visibility into how its most sensitive data is secured and used. It ensures that incident response is as effective as possible. With such a solution, the data affected by the leak can be quickly identified and a clear and documented response can be provided to the regulator. The result is increased confidence in how the data is managed and protected,” David Dutertre continues.
Ensuring the protection of sensitive data above all else
The implementation of the solution can be considered as a complement to infrastructure and application monitoring performed either by Excellium’s Security Operation Center (SOC) or independently. The solution can be applied to any database, regardless of the underlying technology. “If it helps strengthen security by being as close to the data as possible, such a solution can be applied to the most sensitive information once it has been identified. As we often say, you can only protect what you know well,” continues Gaëtan Franquin. The risks associated with a leak are significant. Beyond the losses related to an interruption in operations or exposure to sanctions from the regulator, it is the company’s reputation that can suffer considerably from an incident resulting in the compromise of data. Once vital data has been properly identified, it is essential to take appropriate measures to protect it.”.