McAfee Launches Database Security Platform

By Nathan Eddy  |  Print this article Print

The platform includes Vulnerability Manager for Databases and data loss prevention (DLP) features.

Security specialist McAfee announced a comprehensive database security solution that protects business-critical databases, based on the Security Connected initiative launched in October 2010. It involves protecting a company’s data assets from network to server to the database itself. This approach is designed to protect data in every state (data in motion, data at rest and data in use) via access controls, network security, server security, data protection and encryption—all centrally managed.

The McAfee solution includes Vulnerability Manager for Databases, which automatically discovers all databases on the network, collects an inventory of configuration detail, determines if the latest patches have been applied and scans for vulnerabilities. On top of network firewall and intrusion prevention, McAfee provides the third layer of defense on the data itself, whether at rest or in use through data loss prevention (DLP), which helps ensure data integrity and utilizes policy to prevent improper transmission of critical data.

The company’s database security solution is managed by ePolicy Orchestrator and includes McAfee Database Activity Monitoring (DAM), which not only tracks database changes, but also protects a business’s most valuable and sensitive data from external threats and malicious insiders with real-time alerts and session termination.

"Users are increasingly anxious about the security of their data, and are looking for database security solutions that provide uniform coordination with policy management," said Carl Olofson, research vice president of database management and data integration software research at IT research firm IDC. "Having the ability to protect data at rest, in motion and in use through access control, encryption and auditing is a key area of importance. The ability to track vulnerability issues is a key differentiator which businesses are looking for when choosing database security solutions."

In a recent market outlook survey by Evalueserve, databases were cited as the most challenging part of the IT infrastructure to protect, which explains why for many customers the level of database protection does not match the criticality of the data. Research shows that more than 92 percent of records breached involved a database, with more than 87 percent based on exploits requiring significant technical skills.

"Data is the lifeblood of every organization. Any loss, interruption or breach could mean disaster," said Stuart McClure, senior vice president and general manager of risk and compliance for McAfee. "McAfee is committed to providing our customers with best-in-class database security solutions. We designed a comprehensive security solution to protect even the most dynamic of database environments. Our commitment is made more evident by today’s announcement of our pending acquisition of Sentrigo, a leading provider of database security, monitoring and intrusion prevention solutions."