Auditing is the monitoring and recording of selected user database actions. It can be based either on individual actions, such as the type of SQL statement executed, or on combinations of factors that can include user name, application, time, and so on. Security policies can trigger auditing when specified elements in an Oracle database are accessed or altered, including the contents within a specified object.

Auditing is typically used for the following:

  • Enable future accountability for current actions taken in a particular schema, table, or row, or affecting specific content.
  • Deter users or any other person from inappropriate actions based on that accountability.
  • Investigate suspicious activity. For example, if some user is deleting data from tables, then the

One of the challenges facing organizations that need to increase the security of their database firewall is to concretely provide an appropriate “Return on Investment” (ROI) for procurement justification. Organizations can only allocate a finite amount of budget towards security efforts, so security managers need to be able to justify any commercial services, tools and appliances they want to deploy. Producing tangible ROI for security efforts that addresses driver needs is both quite challenging and critically important.


The challenge for security managers is to not focus on the technical intricacies of the latest complex database firewall vulnerability or attack. To ensure there is proper security, there is a need for the use of vulnerability scan reports or the use of the cost of data …


The study uses a confidential and proprietary benchmark method that has been successfully used in past research. However, there are inherent shortcomings that come with the use of benchmark research, and these need to be carefully considered before drawing conclusions from the findings provided. Such limitations can considerably change how the performance of different companies is viewed, so it is wise to consider them. They include:


Non-response: The findings are based on a small representative sample of benchmarks. A few companies participate and complete the benchmark process. There is no test for non-response bias, so it is always possible that companies that did not participate are substantially different in terms of underlying data breach cost. This …


The calculation of data breach cost uses a costing methodology called activity-based costing. This kind of methodology identifies activities and assigns a cost according to actual use. Companies participating in this benchmark research are asked to estimate the cost of all the activities they engage in to resolve the data breach.

Typical activities for discovery and the immediate response to the data breach are very important and should be followed to the letter to ensure the data breach is properly handled. Such activities include the following:

 


  • Conducting investigations and forensics to determine the root cause of data breach
  • Determining the probable victims of data breach
  • Organizing the incident response team
  • Conducting communication and public relations

A data breach is an event in which one’s personal information is put at risk, in either electronic or paper format; such personal information may include an individual’s name, medical record, financial record or debit card. Data breaches are mainly caused by a malicious or criminal attack, a system glitch or human error. The costs of a data breach can vary according to the cause and the protective measures in place at the time of the data breach. (Reading on Ways to secure your database may also be helpful to you.)

A compromised record is information that identifies the natural person (individual) whose information has been lost or stolen in the data breach. Examples can include a health insurer’s record of policyholder …


The Most And Least Expensive Data Breaches:

German and USA companies have the most costly data breaches. They also experienced the highest total cost. The least costly data breaches occurred in Brazil and India. In Brazil, the average total cost for a company was relatively higher than in India.

Size Of Data Breaches:

On average, USA and Arabian region companies had data breaches that resulted in the greatest number of exposed or compromised records. On average, Japanese and Italian companies had the smallest number of breached records.

Causes Of Data Breaches Differ Among Countries:

Companies in the Arabian region and in Germany were most likely to experience a malicious or criminal attack, followed by France …


HIPAA (Health Insurance Portability and Accountability Act)

HIPAA is the acronym for the Health Insurance Portability and Accountability Act, which was passed by Congress in 1996. HIPAA does the following:

  • Provides the ability to transfer and continue health insurance coverage for millions of American workers and their families when they change or lose their jobs
  • Reduces health care fraud and abuse
  • Mandates industry-wide standards for health care information on electronic billing and other processes; and
  • Requires the protection and confidential handling of protected health information

Health Insurance Policy

The portion of HIPAA addressing the ability to retain health coverage is actually overseen by the California Department of Insurance and the California Department of Managed Health Care.

Protection and Confidential
