What Are Data Auditing & Data Encryption?
Confusion is plentiful when enterprises consider two related but distinct data protection technologies – data auditing and data encryption (*). In my opinion, they're two sides of the same data protection coin. This post captures my latest thinking on this timely topic.
We will get into a technology discussion, but sometimes a simple analogy is worth a thousand words. Consider a vault that stores valuables – in this case, data. Data auditing is like an intelligent surveillance camera watching all the contents within the vault. Encryption is like the locker/key provided for every bank customer. (I owe the encryption analogy to Mike Speciner, security expert and co-author of the classic security text Network Security).
Data Encryption is meant to make data-at-rest visible only to authorized users. It's a form of "privacy" access control. Once data-at-rest is encrypted, any access to it by unauthorized users, or via physical access, cannot result in disclosure without the appropriate keys being made available.
In contrast, Data Auditing offers four capabilities: (1) Data Discovery: discovers and classifies unencrypted critical data (2) Data Activity Monitoring: monitors and logs who accesses the data (3) Data Theft Detection: detects and alerts on data theft based on suspicious activity (4) Core Data Leakage: detects transmission of unencrypted core data.
How does Data Auditing relate to data encryption?
Let’s take each of the four data auditing capabilities:
Data discovery makes it easier to deploy Data Encryption: data discovery can identify critical unencrypted data as it is being accessed by users. This can be used to select the subset of data that should be encrypted first.
Data Activity Monitoring is complementary to encryption – it logs all activity on critical data, whether by authorized users or not, whether the data is encrypted or not.
Example: the PCI #10 audit logging requirement requires monitoring cardholder data, in addition to the PCI #3 encryption requirement.
Data Theft Detection extends encryption. Encryption prevents data disclosure by unauthorized users. Data Theft Detection extends this to "authorized users": it detects data theft by authorized users based on anomalous behavior. This is important since most data breaches can be traced to authorized users that are acting maliciously, violating policies, or have gained access to authorized users' credentials.
Note: Some people like to consider points 2 & 3 of data auditing collectively as a lightweight substitute for encryption. For example, a recent analyst note suggested that PCI content-level encryption projects that face technical challenges could adopt data activity monitoring & data theft detection as an interim substitute since it's easier to get started with.
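The activity monitoring and theft detection described above can be sketched over an audit log as follows. This is an added example, not code from the original post; the log layout, the user and table names, and the "5x the user's own median" threshold are assumptions chosen for illustration.

```python
from collections import defaultdict
from statistics import median

# Constructed audit records: (day, user, table, rows_read). Every user here
# is authorized, so access control and encryption alone raise no alarm.
AUDIT_LOG = [
    ("2024-03-01", "alice", "cards", 40), ("2024-03-01", "bob", "cards", 200),
    ("2024-03-02", "alice", "cards", 55), ("2024-03-02", "bob", "cards", 220),
    ("2024-03-03", "alice", "cards", 48), ("2024-03-03", "bob", "cards", 210),
    ("2024-03-04", "alice", "cards", 52), ("2024-03-04", "bob", "cards", 230),
    ("2024-03-05", "alice", "cards", 9000), ("2024-03-05", "bob", "cards", 240),
    ("2024-03-05", "alice", "orders", 30000),  # other table, not monitored here
]

def daily_totals(log, table):
    """Activity monitoring: rows read per user per day on one critical table."""
    totals = defaultdict(lambda: defaultdict(int))
    for day, user, tbl, rows in log:
        if tbl == table:
            totals[user][day] += rows
    return totals

def theft_alerts(log, table, factor=5, min_history=3):
    """Theft detection: flag days where a user reads far more than their own
    baseline (median of their earlier days). Returns (day, user, rows, baseline)."""
    alerts = []
    for user, days in daily_totals(log, table).items():
        ordered = sorted(days.items())
        for i, (day, rows) in enumerate(ordered):
            history = [r for _, r in ordered[:i]]
            if len(history) < min_history:
                continue  # not enough history to judge this user yet
            baseline = median(history)
            if rows > factor * max(baseline, 1):
                alerts.append((day, user, rows, baseline))
    return sorted(alerts)

if __name__ == "__main__":
    for alert in theft_alerts(AUDIT_LOG, "cards"):
        print(alert)
```

Bob reads more rows than Alice every day, yet only Alice is flagged, because each user is compared with their own history rather than a global limit.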
Core Data Leakage audits the effectiveness of Data Encryption: even if the databases are encrypted at a content level, data auditing can continuously monitor the effectiveness of encryption by detecting unencrypted data leaving the core databases and file servers. This can be a form of audit that ensures encryption is always up-to-date and covers new critical data as it is created.
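Data discovery and core data leakage detection both come down to recognising critical data that is still in clear text. The added example below (not from the original post) does this for cardholder data using a digit pattern plus the Luhn checksum; the column names, the `ENC:` prefix for encrypted values and the sample rows are constructed for illustration.

```python
import re

# Candidate card number (PAN): 13-19 digits, optional space/dash separators.
PAN_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

def luhn_ok(digits):
    """Luhn checksum; filters out most random digit runs (order ids, phones)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def find_clear_pans(text):
    """Return masked PANs found in clear text (first 6 / last 4 kept)."""
    hits = []
    for m in PAN_RE.finditer(str(text)):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            hits.append(digits[:6] + "*" * (len(digits) - 10) + digits[-4:])
    return hits

def discover(rows):
    """Data discovery: clear-text PAN count per column, to rank what to encrypt first."""
    counts = {}
    for row in rows:
        for col, val in row.items():
            n = len(find_clear_pans(val))
            if n:
                counts[col] = counts.get(col, 0) + n
    return counts

def leakage(outbound_lines):
    """Core data leakage: 1-based numbers of outbound lines carrying clear PANs."""
    return [i for i, line in enumerate(outbound_lines, 1) if find_clear_pans(line)]

# Constructed sample data. 4111111111111111 is a well-known test card number.
ROWS = [
    {"id": 1, "card_no": "ENC:c2FtcGxlLWNpcGhlcnRleHQ=", "notes": "vip"},
    {"id": 2, "card_no": "4111 1111 1111 1111", "notes": "legacy import"},
    {"id": 3, "card_no": "ENC:YW5vdGhlci1ibG9i", "notes": "paid w/ 4111111111111111"},
    {"id": 4, "card_no": "ENC:dGhpcmQtYmxvYg==", "notes": "ref 4111111111111112"},
]
OUTBOUND = ["id,card_no", "1,ENC:c2FtcGxlLWNpcGhlcnRleHQ=", "2,4111-1111-1111-1111"]

if __name__ == "__main__":
    print(discover(ROWS))      # columns still holding clear-text PANs
    print(leakage(OUTBOUND))   # export lines that bypassed encryption
```

The free-text `notes` column is flagged alongside `card_no`, which is the kind of new critical data a column-level encryption project tends to miss.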
In summary, both Data Auditing and Data Encryption offer unique standalone benefits. Their combination offers a virtuous cycle of data protection. For those who need to decide whether to audit or to encrypt data, remember the vault analogy. All bank vaults have surveillance cameras. Those with custom valuables also offer individual locks & keys. This observation points to a simple maxim:
- Audit data whenever you can
- Audit & encrypt data when you must
If you have any opinions on Data Auditing or encryption, please let me know. If you have attempted either encryption or data auditing projects recently, it would be great to hear about your experience.
Footnote: For the sake of this discussion, encryption means content-level encryption such as database encryption. Other forms of encryption such as media/tape-level encryption or session-level encryption aren't included in this definition since they're intended to address risks different from the online data/database theft we are discussing here. Rich Mogull has an interesting post on what he calls three laws of general encryption.