2． Many large enterprises also have this problem, the database administrator and the network administrator who on the earth should be given more full administrative privileges to complete their work. According to the proportion of employees, the total amount of database administrators and network administrators is also the minority of all employees. And implementing management for them is relatively simple. But there’s a vulnerability of management: whether DBA can view all the data without any limitation? Who can have the administrative privileges of copy of the database? Whether there’s no data loss threats even those who have admin privileges are trustworthy?
I recommend canceling the super administrative privileges of database administrator and network administrator, for they just need to do their own job well, and don’t have any reason to fully grasp the enterprise database administrative privileges. The responsibilities of these IT management staffs should be subdivided, allowing them to set user name and password for their work. These user names and passwords should be submitted to the CIO administrator, while they should be kept by password protection software but not CIO.
3. There’s another situation: some IT user may not need to have powerful privileges, but owing to their work, they need to use other people’s privileges. A typical example is a low- level data center operations staff, he may only be responsible for production scheduling environment, while some of his work may be related to database management and system administrator’s user name and password. This is a significant potential threat for any business.
This situation may seem difficult; in fact, it is not hard to solve. Let all the staffs know that all the network activities in the enterprise will be monitored, so as to prevent data leaks.
“The value of core commercial secrets is self-evident, while the number one way of core secrets leakage is the most common e-mail.” Proofpoint CEO Gary Steele thinks so.
The remarks above show the accuracy of a recent survey-according to Forrester’s survey, IT executive and managers believe that email is one way that most likely cause data leaks, particularly the confidential memo, valuable intellectual property rights and transaction information.
However, after observing a number of leaks, you will find that only a small part of these events is malicious leaks, mostly are caused by negligence.
It can’t be denied that there’re malicious data leakage issues in real life. Enterprise users should have awareness, such as using server protection software that can help companies build information protection platform to prevent inbound mail threats (such as spam and viruses ), and ensure that outbound messages comply with company policies and external regulations.
Jeff Bowling, the founder and CEO of TELXAR stressed that the best way to block data leakage is to perform a good security plan, which should include security notes about preventing service attacks and the internal network, and the network admin guide service. The following information should be included in the plan:
1 The reap time should be shown
2 Assign the login credentials and rights
3 Disable external software
4. Consider internal audit/intrusion monitoring applications
5 Lock the internal hardware components
6 Regular audition, security and resource
7 Disable USB or FireWire port
8 Set message size restrictions or/and block all attachments
9 Define a strict policy
10 Execute secrecy and confidentiality agreements
11 Determined command chain and upgrade procedure
12 Ensure secure plans and policies that managers and users understand
If you want to find enterprise data protection solution, you can visit Kakasoft for more tips.