We don’t have to look too far back in history to see the damage of data loss in both private enterprise as well as the government sector. Data breaches at the government level – with news reports about WikiLeaks, Edward Snowden, and Bradley Manning – illustrate the risk that is posed by individuals within and outside the firewall. Among the salient data points that companies should know are the fact that in as much as the bulk of their resources go toward protecting against network intrusions breaches at the database layer would cause the greatest harm.
In terms of encryption techniques–an important approach to preventing data theft–more organizations are applying encryption against data in motion, but too few encrypt all their data at rest. In addition, human error and internal hacking which can be limited or even prevented through privilege controls are also not being deployed widely enough.
Most IT Managers are either unaware of, or know that they have no safeguards to prevent a database administrator or developer from accidentally deleting data or unintentionally harming critical applications. An aggressive stance with preventive security measures is critical since it enables organizations to ward off breaches. Monitoring and audits, on the other hand, will only detect data loss after an event