Prat Moghe

Prat Moghe is SVP Strategy and New Markets, and General Manager for the Data Compliance division at Netezza 

Matt Benati

Matt Benati is Director of Marketing for the Data Compliance Division of Netezza. 

Subscribe By Email

Your email:

Links of Interest

Blogroll

Browse by Tag

Keepers

Data Auditing Blog

Current Articles | RSS Feed RSS Feed

Catching Passport file breaches - Data Activity Monitoring at Work

Posted by Prat Moghe on Fri, Mar 21, 2008
  | Share on Twitter Twitter | Share on Facebook Facebook | Submit to Digg digg it |  Add to delicious  delicious |  Submit to StumbleUpon StumbleUpon |  Share on LinkedIn LinkedIn | Submit to Reddit reddit 
In case anyone is wondering how data activity monitoring is supposed to work, the recent passport file breaches are a classic example. With both Senators Clinton and Obama, the breaches were detected because the computer system detected file access out of the norm. We do not have details on whether this norm was based on who they were, or based on pattern of access. The important point is that the systems caught unusual access, probably in real-time – apparently on January 9, February 21, and March 14 in three separate incidents.

Usually enterprises lead security and IT innovation and the government follows. Here, for once, enterprises can take a lesson from the government. Enterprise databases are notorious for not being monitored. It is commonly believed that data breaches (such as TJX, Monster, Hannaford, etc.) are vastly underreported because we do not monitor how data is being accessed. If only enterprise databases were wired with data activity monitoring, we would find out how many critical breaches really happen.

Regardless of the political fallout of the passport breach incident, I do see a valuable technical lesson in security for enterprises.

Tags: 

Comments

Currently, there are no comments. Be the first to post one!
Post Comment
Name
 *
Email
 *
Website (optional)
Comment
 *

Allowed tags: <a> link, <b> bold, <i> italics