The Database Security Blog

Hello,

We have just released the results of our monthly survey, which asked “What are your main criteria for choosing a database-security solution?”

The results are:

• Ease of use and implementation: 42.72%
• Variety of features: 29.16%
• Price: 12.5%
• Vendor reliability: 10.41%
• Customer recommendations: 5.21%

“Many organizations don’t have personnel with training or much experience in managing database security, which makes the idea of it rather intimidating,” said Amir Sadeh, CEO, GreenSQL. “Therefore, ease of use and implementation are always key issues. That’s precisely why we design our solutions to be as user friendly and straightforward as possible without compromising on the high levels of security.”

While GreenSQL’s back-end technology is highly sophisticated and complex, the user interface is incredibly easy to use, simplified to a virtual plug-and-play level.  GreenSQL products leverage database activity monitoring, real-time dynamic data masking, and database security, to protect companies’ most valuable assets – customer data and other sensitive information – from both external and often-underestimated internal threats.

“Companies are increasingly under pressure, recognizing that protecting their databases is synonymous with protecting their reputations. Sites receive an average of 71 attacks per hour, which is daunting in itself, plus they have to ensure compliance with ever-increasing regulatory requirements while avoiding legal fees associated with litigation from clients whose accounts have been compromised. We market a variety of affordable packages, so there’s no reason to leave sensitive data unsecured,” concluded Sadeh.

Share this article

GreenSQL

More details will follow  soon….

Share this article

GreenSQL

Date and Time:

USA

Tuesday, April 30, 2013, 11:30 am Eastern Daylight Time (New York, GMT-05:00)

Tuesday, April 30, 2013 10:30 am Central Daylight Time (Chicago, GMT-06:00)

Tuesday, April 30, 2013 08:30 am Pacific Daylight Time (San Francisco, GMT–08:00)

Europe

Tuesday, April 30, 2013 04:30 pm GMT

Tuesday, April 30, 2013 05:30 pm GMT+01:00

Share this article

GreenSQL

GreenSQL’s February survey of IT professionals worldwide concluded that 31.4% of security professionals believe that database security implementation is too complex, making it their number one obstacle. Almost 20 percent think that lack of dedicated personnel or special expertise is yet another hurdle in putting database security in place.

Surprisingly, 13.2% of respondents stated that their organizations’ management still does not understand that enforcing database security measures is essential to both client security and reputation protection.

They were asked: “What are your main challenges or obstacles to implementing database security in your organization?”

Respondents said:

• Complexity: 31.4%
• Requirement for dedicated personnel or special expertise: 19.9%
• Management doesn’t understand the need: 13.2%
• Cost: 9.1%
• Other: 26.4%

Share this article

GreenSQL

10 Must-Do SQL Server 2012 Security Tasks

Read our latest article on SQL Server 2012 best security practices and you will find out how to:

• Use a dedicated server for your database
• Harden the Operating System
• Control Admin Access to the Database
• Encrypt the Data Between App and SQL Server 2012
• Reduce the Potential Attack Surface
• Implement Strong Authentication
• Perform Regular and Reliable Auditing
• Update Patches Regularly
• Manage Contained Databases for SQL Server 2012 Only

Read full article here

GreenSQL is a leading provider of ready-to-use database security solutions, helping organizations worldwide to protect their databases from internal and external threats.

    Download Free Trial

GreenSQL Introduction Video

All product and company names herein may be trademarks of their registered owners.

Share this article

GreenSQL

Dynamic Data Masking is an emerging technology that provides real-time data masking in changing environments, typically in production databases.

GreenSQL Dynamic Data Masking enables you to mask or randomize any sensitive information stored on Microsoft SQL Server, MySQL and PostgreSQL databases.

Join our live webinar and demo where David Maman,  security industry guru and GreenSQL Co-Founder and  CTO, will explain:

• What is Real-Time Dynamic Data Masking?
• How to dramatically reduce the risk of a data breach?
• How to better comply with regulations?
• How to enforce real-time dynamic data masking?
• How to provide a security layer around applications, reports and tools?
• How to apply masking rules based on end-user identity and access rights?
• Real-time Dynamic Data Masking – Live Demo

Share this article

GreenSQL

New GreenSQL 2.3 Version Strengthens Underlying Database Security Technology While Further Simplifying User Experience

GreenSQL new version is easier to configure and manage locally and on the cloud

The newest version of GreenSQL, 2.3, makes it even simpler to secure databases with its streamlined configuration and Amazon cloud compatibility.

GreenSQL provides unified database security protection against SQL injection attacks and other internal and external threats via database activity monitoring, real-time dynamic data masking, and database security.

• Version 2.3’s database security policy automatically detects SQL injection attempts. To ease administration, it automatically detects both the operating environment and database session identifiers (user, database, source IP, and application). By pushing activity monitoring logs to remote commercial databases, GreenSQL simplifies auditing and compliance reporting.
• Cloud security is also a growing concern among IT professionals (See GreenSQL’s recent survey); to address it, GreenSQL now offers Amazon RDS support for MySQL and SQL Server in addition to its existing Windows Azure SQL Database support.
• The new version has increased the number of pre-configured patterns and policies, with easier classification of suspicious patterns. 
• Security and business continuity are critical to GreenSQL’s clients, so it now offers other high availability enhancements, like unobtrusive shut down and automatic or manual takeover.  

Current GreenSQL users may upgrade to the 2.3 version. The upgrade ensures that all existing audit logs and configurations are seamlessly kept.

GreenSQL version 2.3 is now available for download at http://www.greensql.com/

For a demo on GreenSQL 2.3 new features – join our live webinar on Thursday, January 31, 2013, 11:30 am EST.

For a GreenSQL 2.3 live-demo and a face-to-face meeting with our team, we invite you to visit us at RSA, Moscone Center, San Francisco, Feb 25 – Mar 1, Hall B, booth # 3107 as well as listen to our CTO David Maman’s discussion: “What? Me, worry? I’ve already been hacked. Haven’t you?” from 11:40-12 on Friday, March 1, in room 310 at the Moscone. To set a meeting, please contact us at sales@greensql.com.

All product and company names herein may be trademarks of their registered owners.

Share this article

GreenSQL

What if your database could be secure today? Literally. Today.

Skip all the complex installation processes and implement multiple database protection measures within a matter of minutes, on your own, with no special training or expensive support personnel.

Learn how to do this with GreenSQL new 2.3 version in this educational 45-minute live Webinar (including Q&A).

Join our live webinar and learn how to secure your database quickly, cost-effectively, and efficiently. We’ll cover the following essentials of Database security:

• Protect Your Database in 5-Clicks
• Prevent SQL Injection Attacks
• Implement Separation of Duties
• Set Automated Baselines
• Mask Sensitive Data with No Change in Application or Schema
• Q&A

Join David Habusha, industry expert and VP Product of GreenSQL for this educational session on rapid database security implementation.

www.greensql.com

Date and Time:

USA

Thursday, January 31, 2013 11:30 am Eastern Daylight Time (New York, GMT-05:00)

Thursday, January 31, 2013 10:30 am Central Daylight Time (Chicago, GMT-06:00)

Thursday, January 31, 2013 08:30 am Pacific Daylight Time (San Francisco, GMT–08:00)

Europe

Thursday, January 31, 2013 04:30 pm GMT

Thursday, January 31, 2013 05:30 pm GMT+01:00

Share this article

GreenSQL

Yep – we’ll be there… Well, duh… along with the rest of the security industry. Find us at Hall B, booth # 3107 with the latest and greatest in database security management. Don’t miss our demos and the opportunity to meet our CEO, CTO and VP Marketing & Sales. Come say hello, grab some free stuff and take a really cool picture of yourself riding a…. no, I won’t tell… just come and you’ll see! It’ll be fun, I promise! And you can even learn how to protect your database in the most effective way with our new GreenSQL 2.3 version.

Also, make sure you attend security industry guru, and GreenSQL CTO, David Maman’s lecture: “What? Me, worry? I’ve been hacked, haven’t you?” , Friday, March 01, Room 310, 11:40 am – 12:00 pm.

See you there and have a great show!

To set a meeting at the show, please contact us at sales@greensql.com

Share this article

GreenSQL

By David Maman, Founder and CTO, GreenSQL

I’m going to go out on a limb here and assume the Mayans were wrong, and we’ll survive to see the new year. Rest assured, I’ve carefully reviewed all relevant materials, and although the Mayans were quite advanced, they never mentioned an apocalypse via SQL injection or hacking.

Unfortunately, there will be a continuing growth trend in this direction, even if not Mayan related. Since we learn well from others, we at GreenSQL have carved our own wheel, and here’s what’s predicted:

1. Attacks against embedded devices will be more frequent and more professional . Air- conditioning management systems, lighting management systems, printers, gaming consoles, SCADA industrial control systems, and other such systems will be targeted.
2. Database attacks will be more common, but SQL injection attacks will become more transparent to security solutions. People will increasingly recognize that personal information, such as financial, customer, personal, and health records, is the new currency and must be better protected.
3. Mobile devices, like smartphones, tablets, training devices, smart cameras, etc., are rapidly becoming the only portals to the Internet. In fact, I think that they will be 80% of all devices accessing the Net within three years. This, in turn, means that they will also become the chief targets of browsing-based attacks.
4. Cloud security: 2013 will bring a host of new attacks and exposed vulnerabilities to go along with all the new cloud services and security products providers will make available.  The public will increasingly grow to understand that the cloud is a sophisticated, elastic hosting service and, as such, they will be compelled to perform better due diligence to make smarter decisions before using and moving their services to the cloud.
5. Malware – Some of the largest financial organizations in the world have learned a hard, ugly lesson in the past year: Professional hackers are determined to pillage your data, and they’re willing to invest the necessary resources to make it happen, whether for themselves or by selling their malware to the highest bidder. These attacks will become increasingly common, along with the realization that most standard anti-virus solutions are insufficient when dealing with flurries of new attempts to compromise your system.

As tired as this saying is, it still rings true: Defending against cyber attacks, hacking, SQL injection, and the like is a marathon, not a sprint. Actually, that’s not really true, either, as marathons have an end, while this won’t. Thieves evolve and improve along with the development of new devices, technologies, and, yes, security systems. An old Japanese saying: As iron sharpens iron, so one man sharpens another. Thieves and hackers sharpen us to do our best to be one step ahead.

Share this article

GreenSQL