Databases are the lifeblood store of information for every organization. Without them, the organization’s efficiency, productivity and scope to prosper would be curtailed severely.
Protecting the company crown jewels is something that most organizations take seriously, using network security, robust authentication and access controls within their toolsets.
The main problem is that you are just one IT security manager faced with thousands of potential attacks. Sooner or later, someone will try to gain access to your databases and steal the data contained in them. IT security measures plug gaps we know about, but cybercriminals are very clever, very lucky or very manipulative – often all three. They mount many attacks in the sure knowledge that at least one will succeed. Just look at organizations like FireEye and Malwarebytes. If they can be breached, how can a less cyber security-savvy organization cope?
Potential data theft scenarios
Let’s assume that your organization has been hacked. First and foremost: what was the cybercriminal looking for? Any data they can use as a ransom or which they can sell – or both? This could be data currently inside a database, but many users will also have reports, documents and presentations containing information they extracted from the database. These are nice, easy targets.
Let’s say you happen to be a government organization running a virus track-and-trace system and you might store everything in a spreadsheet. Let’s also assume that there is a cybercriminal who has compromised your defenses and is snooping around the network looking for anything of value. Or maybe this is a member of staff, already inside the network, feeling malicious or just nosey.
If you’re facing a disgruntled employee inside the finance department, they can access sen ..