Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Why database monitoring may, or may not, secure your data

Antone Gonsalves | June 13, 2014
A majority of IT security pros believe that continuous monitoring of the database network is the best approach to prevent large-scale breaches like the ones that occurred at retailers Target, Michaels and Neiman Marcus, a study showed.

The retailers have not disclosed whether SQL injection was involved in the attacks reported over the last eight months. The respondents' opinions were based on their own experience.

Nearly seven in 10 of the participants worked for organizations that must comply with Payment Card Industry Data Security Standard (PCI DSS). The standard is what retailers have to follow in order get approval to accept payment cards issued by banks.

"I would agree that SQL injection is likely involved because of its prevalence today, but I would also not yet draw a conclusion as we still do not have enough details," Henry said.

For example, Target has acknowledged that the credentials of a subcontractor that had access to the retailer's network were stolen. In addition, malware used to steal 40 million credit card numbers grabbed the data from the memory of the retailer's electronic cash register.

Target also had personal information taken from 70 million customer accounts.


Previous Page  1  2 

Sign up for Computerworld eNewsletters.