Presentation is loading. Please wait.

Presentation is loading. Please wait.

Table of Contents The Need for Effective Database Security

Published byAlison Price Modified over 7 years ago

Similar presentations

Presentation on theme: "Table of Contents The Need for Effective Database Security"— Presentation transcript:

0 D’Amo, Comprehensive DB Encryption Solution

1 Table of Contents The Need for Effective Database Security
- Database: The Ultimate Target - Lack of Database Protection (Statistics) An Introduction to D’Amo - Database Security: Encryption - Key Benefits of Encryption - Introduction to D’Amo - D’Amo: Comprehensive DB Security - Regulatory Compliance

2 The Need for Effective Database Security

3 Databases: The Ultimate Target
When people think of hacking, they often picture hackers damaging websites. While this is indeed a common occurrence, the ultimate goal of many hackers is to gain access to the wealth of information contained within electronic databases. Information contained within databases can include: Client Personal Information (Name, SSN, credit card numbers) Bank Account Information Sales Revenue for Individual Products Payroll Information A Company Strategic Plans Defense System Information Intellectual Property Test and Performance Results And much, much more…

4 The Insider Threat According to the Ponemon Institute’s Aftermath of a Data Breach Study, released January 2012, insiders account for 50% of data breaches. 34% of breaches are caused by insider negligence, and 16% are caused by insiders with malicious intent.

5 Lack of Database Protection
Only 30% of companies encrypt personal data in their databases 75% of companies lack proper database access controls Only 50% of companies consider database security a high priority ~ 2010 Independent Oracle Users Group Data Security Report “Some data managers feel that their data is secure mainly because databases are not connected to the Internet—a false comfort that may lead to a rude awakening.” ~2010 Independent Oracle Users Group Data Security Report

6 An Introduction to D’Amo: Comprehensive Database Encryption Solution

7 Comprehensive Database Security Solution
Introduction to D’Amo Comprehensive Database Security Solution D’Amo, Comprehensive DB Security Solution, provides not only encryption but also access control, and auditing. D’Amo has been No.1 in the Korean DB encryption market, having 80% of the market share since March 2004. Separation of Duty Encryption Access Control Auditing Reporting Comprehensive Database Security Solution Comprehensive DB Security Solution, D'Amo

8 D’Amo: Encryption by Column
D’Amo minimizes overhead by encrypting critical data columns only. Encryption and decryption processes are performed using a PKI-based symmetric key cryptosystem. Supports international encryption algorithm standards (DES, Triple DES, AES, etc…) Operation modes can be either Cipher Block Chaining (CBC) or Cipher Feedback (CFB), depending on algorithm and the Security Manager’s preference.

9 D’Amo: Column Access Control
D’Amo enables column access control, selective application of encryption/decryption privileges, and application of access policies to internal and external users.

10 D’Amo: Separation of Authority
D’Amo enables strict separation of authority between the Security Manager and the Database Administrator.

11 Regulatory Compliance
Payment Card Industry Data Security Standard (PCI DSS, 2004) is an international information security standard for companies dealing with electronic payment transactions (credit cards, debit cards, etc.). Requires secure management of cardholder data. Fines for violations can range from $5000-$100,000 USD per month. Federal Information Processing Standard (FIPS) is a set of standards required by the United States Federal Government for use in computer systems used by government agencies and contractors. Well-known FIPS standards include the Data Encryption Standard (DES) and the Advanced Encryption Standard (AES). The international equivalent of FIPS is the International Organization for Standardization (ISO).

12 Thank You! Japan Republic of Korea
Penta Security Systems Corporation Ascend Akasaka Bldg. 3F Minato-ku, Tokyo , Japan TEL: : FAX: URL: Republic of Korea Penta Secuirty Sytems Corporation Hanjin Shipping Building 20F Yoido-dong, Youngdeungpo-ku, Seoul, Republic of Korea TEL: : FAX: URL:

Download ppt "Table of Contents The Need for Effective Database Security"

Similar presentations

AFM INTERNAL AUDIT NETWORK MEETING MUTUAL ONE GROVE PARK, LEICESTER Current ‘Hot Topics’ in Information Security Governance Auditing David Tattersall 03.

AFM INTERNAL AUDIT NETWORK MEETING MUTUAL ONE GROVE PARK, LEICESTER Current ‘Hot Topics’ in Information Security Governance Auditing David Tattersall 03.
Oracle Database Security

Oracle Database Security
Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.

Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.
Fair competition commission Mobile and Cyber Threat Issues Joshua Msoma Tanzania Fair Competition Commission Sixth Annual African Dialogue Conference Lilongwe,

Fair competition commission Mobile and Cyber Threat Issues Joshua Msoma Tanzania Fair Competition Commission Sixth Annual African Dialogue Conference Lilongwe,
Persistent Protection Using E-DRM Technology Jason Fasoo 06/18/2008.

Persistent Protection Using E-DRM Technology Jason Fasoo 06/18/2008.
PCI Compliance Forrest Walsh Director, Information Technology California Chamber of Commerce.

PCI Compliance Forrest Walsh Director, Information Technology California Chamber of Commerce.
Chapter 17 Controls and Security Measures

Chapter 17 Controls and Security Measures
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
GPUG ® Summit 2011 November 8-11 Caesars Palace – Las Vegas, NV Payment Processing Online and Within Dynamics GP PCI Compliance and Secure Payment Processing.

GPUG ® Summit 2011 November 8-11 Caesars Palace – Las Vegas, NV Payment Processing Online and Within Dynamics GP PCI Compliance and Secure Payment Processing.
Security & PCI Compliance The Future of Electronic Payments Security & PCI Compliance Greg Grant Vice President – Managed Security Services.

Security & PCI Compliance The Future of Electronic Payments Security & PCI Compliance Greg Grant Vice President – Managed Security Services.
Protecting Customer Websites and Web Applications Web Application Security.

Protecting Customer Websites and Web Applications Web Application Security.
The Right Choice for Call Recording WWW.OAISYS.COM OAISYS and PCI DSS Compliance Managing Payment Card Industry Compliance with OAISYS Call Recording Solutions.

The Right Choice for Call Recording OAISYS and PCI DSS Compliance Managing Payment Card Industry Compliance with OAISYS Call Recording Solutions.
Www.softwareassist.net Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.

Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.
An Educational Computer Based Training Program CBTCBT.

An Educational Computer Based Training Program CBTCBT.
Identity Protection (Red Flag/PCI Compliance/SSN Remediation) SACUBO Fall Workshop Savannah, GA November 3, 2009.

Identity Protection (Red Flag/PCI Compliance/SSN Remediation) SACUBO Fall Workshop Savannah, GA November 3, 2009.
The Changing World of Endpoint Protection

The Changing World of Endpoint Protection
Cyber Security in Local Government. One of the Industry’s Most Widely Recognized and Highly Accredited Partners 1.

Cyber Security in Local Government. One of the Industry’s Most Widely Recognized and Highly Accredited Partners 1.
Database Security and Data Protection Suseel Pachalla, CISSP.

Database Security and Data Protection Suseel Pachalla, CISSP.
Data Security and Payment Card Acceptance Presented by: Brian Ridder Senior Vice President First National September 10, 2009.

Data Security and Payment Card Acceptance Presented by: Brian Ridder Senior Vice President First National September 10, 2009.
Internet Security Breach & Its Impact on Business Operations Kim Nguyen Manish Shirke Wa Mo Saravanan Velrajan.

Internet Security Breach & Its Impact on Business Operations Kim Nguyen Manish Shirke Wa Mo Saravanan Velrajan.

Similar presentations

Ads by Google