When considering outsourcing to a remote database support service, look for professionals capable of automating key SQL Server tasks.
Administrators have a variety of tasks they need to perform on a daily basis. In a world rife with IT security woes, it's imperative for DBAs to be able to dedicate enough time and resources to deterring sophisticated cyberattacks. Ordering rudimentary management jobs to occur without manual attention can help them succeed in this endeavor.
Using SQL Server Agent
According to MSDN, thorough knowledge of SQL Server Agent enables professionals to automatically execute jobs on a predefined schedule, respond to particular occurrences and execute backups whenever they're needed. The source outlined a number of additional benefits DBAs often capitalize on:
- Multiple tasks can be executed at the same time
- Jobs can be ordered to initiate when a central processing unit isn't conducting any operations
- SQL Server performance orders can be automatically recorded
- Cookies can be inserted that monitor the actions of authorized operators, as well as intruders
- Logs of all security-related activities performed by administrators can be created
For more complex jobs, managers need to be able to receive notifications pertaining to mission-critical instances. For example, whenever hardware fails (due to a storm, or some other disruption), organizations need to be able to offload databases to other equipment or deploy backup strategies. For this reason, manually initiating alerts isn't conducive to business continuity.
What can they do?
Remote DBA experts recognize the benefits of automation, but where does the magic come from? Database Journal outlined several notifications these professionals can utilize through SQL Server Agent. For instance, a job's "lifecycle" can be reported as a success, failure or completion.
While receiving alerts applicable to these three tasks is possible, it's not necessarily recommended. Deploying a task and receiving a failure is more constructive, because DBAs' inboxes won't get cluttered with a barrage of emails.
Yet, there are some jobs administrators may want to follow from execution to completion. In order to figure out which directions are set to employ notifications, DBAs can review the notify_level_email value in the sysjobs table in the SQL Server database.
If the value has a zero next to the WHERE category, personnel know that no alerts have been set up for a specific job. On the other hand, if a 1, 2 or 3 is displayed, then the notification will be sent to an email, pager or NET SEND, respectively.
Essentially, automation enables experts to optimize database active monitoring thoroughness and speed.
- buy cialis
- cialis online
- generic viagra
- online pharmacy
- cheap adobe photoshop
- buy adobe photoshop
- cash payday loans
The post Why automation is a key component of database administration appeared first on Remote DBA Experts.
Can Microsoft SQL Server and Informix DB2 environments integrate together? The answer is YES!! I have received an increasing amount of questions concerning wanting to cross platform ETL development work between the two. Driven from these questions, I want to dig deeper into regards to manipulating data between Microsoft SQL Server and Informix DB2.
Recently, I have been asked to load data to Informix DB2 using SSIS which is the focus of my topic. When I was tasked with this request, I did some research and started to develop a solution. However, I ran into some common issues that had unanswered questions in regards to writing via Informix ODBC with SSIS out on the internet. Unfortunately, to this day, I have not seen an actual step- by- step blog about this topic based on my own personal searches. With that being said, I decided to blog about it myself.
Let’s start with the basic information first. What do you need to successfully use Informix with your SQL Server environment?
You should know, at minimum, the following:
- What versions of the driver you have
- What version of SQL Server is installed on your server
- What the version of your operating system is
The version of the driver can cause unforeseen issues when trying to load into Informix via SSIS. Check how your ODBC driver is registered. You can do this by simply checking both 32 bit and 64 bit ODBC Data Source Administrator. Here are the commands for 32 bit and 64 bit respectively:
32 Bit: C:\Windows\SysWOW64\odbcad32.exe
64 Bit: C:\Windows\system32\odbcad32.exe
As you can see, I do have both registered in my current environment:
This is a common issue I have seen between the two. No matter if you have SQL Server 32 Bit or 64 Bit, BIDS is a 32 bit platform application, and the runtime of BIDS needs to be set to reflect this. This is done in the solution properties.
In the properties, you click the debugging option and set Run64BitRunTime from True to False.
Now, you are ready to set up your connections and build your package. In your connection manager, select where your source data is coming from. For my example, it’s going to be SQL Server, so I need an OLE DB connection. The destination I will use is an ADO.NET connection manager.
Here is the little piece that took a while to figure out. Your connection string within your ADO.NET connection manager needs to have “delimident=y” as an argument within the connection string.
Now, my connection string reads as follows:
Notice that I do not have my UID or password passed in through the connection string because they are already stored on my server when I set them up in my Data Source ODBC Administrator.
From here, I am going to simply set up my Dataflow with a source and destination using the connection managers that I have created and map all of my columns.
That’s it! Now, all you have to do is run it and test it.
I have just written 27 records to Informix DB2 via SSIS using the Informix ODBC driver provided by IBM! Extracting, Transforming, and Loading data (ETL) sometimes requires outside drivers and connection managers which require us to learn new thing, and we are learning new things every day in the development world. I hope that you found my blog informative and that it helps others reduce the search for writing to Informix via SSIS. Stay tuned for my next blog post in the next few weeks.
- buy cialis
- cialis online
- generic viagra
- online pharmacy
- cheap adobe photoshop
- buy adobe photoshop
- cash payday loans
Today we’re kicking off a series about our additional offerings, because we think it’s important for your organization to leverage RDX’s full suite of data infrastructure services to improve your organization’s ability to turn raw information into actionable business knowledge.
From our Business Intelligence services – designed to get you the right information about your company to make savvy strategic decisions – to our application hosting, database security and non-database server monitoring, GoldenGate replication services, and support for Windows, MySQL and Oracle EBS, we’ve got every administration need you can think of covered.
We’ll take an in-depth look at each of these services in videos to come, so you can learn how they can benefit your business and choose the services that may be the most important to you.
For more information on our additional services, follow the link below for our Additional Services Whitepaper.
Tune in next time as we discuss the importance of Business Intelligence for your business!
The post A look at how RDX’s Additional Services can meet your needs: Series Kick-off [VIDEO] appeared first on Remote DBA Experts.
Although the transition from paper to electronic health records hasn't been easy, it's certainly paid off.
Those in the medical industry can now access patient information more easily, allowing them to eliminate mistakes characterized by the use of tangible forms. However, organizations should be wary of the dangers EHR implementations pose to database security.
Eliminating grievous mistakes
That's not to say professionals should abandon EHR technology. The National Institute For Health Care Reform acknowledged how using EHR can eliminate what physicians, hospital administrators and others in the health care sector call "unintended discrepancies." These instances are essentially minor mishaps that can have major repercussions.
Unfortunately, fragmented delivery systems will provide inaccurate information regarding medications, especially when patients are being admitted to and released from hospitals. This can cause doctors to accidentally omit, duplicate or add unnecessary prescriptions. In a worst-case scenario, this could cause a person to overdose.
The NIHCR outlined what facilities need to prevent these mistakes from occurring, and it starts with the implementation of an EHR system. Such technology can allow hospitals and personnel to:
- Aggregate accurate, applicable pre-admission medication data
- Compare hospital prescription orders to previous medications so physicians can make educated treatment decisions
- Share relevant lists pertaining to medicines administered for the discharge phase with primary care doctors, nursing facilities and other places
Obviously, a lot of digital information is being stored and transferred. Some connections may be more secure than others, but the environment is a hacker's dream come true. HealthITSecurity contributor Greg Michaels acknowledged that while exchanging patient intelligence may enable physicians to deliver better care, health care organizations find they can't dedicate enough resources to sanctioning safe delivery.
Michaels advised medical industry participants heavily entrenched in EHR uses to work with a trusted, third-party IT security expert. In addition to communication surveillance, the outsourced entity should be capable of providing remote database management and monitoring as well. Michaels also recommended professionals abide by the following best practices:
- Audit all partners to see which ones provide their customers with protected health information and identify which IT protection measures they're taking
- Open communication with third-parties so data breaches affecting multiple organizations can be addressed in a united manner
- Ensure all partners are compliant with standards outlined by the Health Insurance Portability and Accountability Act
- Educate in-house personnel on how to take basic security measures
By seeking help from a database administration service and implementing basic protective measures, hospitals will be able to use EHR with limited risk of sustaining an IT disaster.
The post Don’t let database security woes outweigh EHR benefits appeared first on Remote DBA Experts.
The Internet of Things has been a hot topic of conversation among IT professionals as of late.
Promises of more unique insight into customer behavior have tempted consumer-focused companies to invest in the technology. Manufacturers are looking to implement intelligent devices to achieve higher levels of productivity. However, a number of organizations are ignoring the impact IoT will have database security.
A hacker's haven
It turns out cybercriminals are just as interested in IoT as multi-billion dollar corporations are. ZDNet noted a study conducted by Hewlett-Packard's Fortify division, which scanned 10 of the most prevalent Internet-connected devices, discovering about 25 faults per implementation. The source acknowledged some of the most telling discoveries:
- 90 percent of the devices assessed contained at least one piece of personal information pertaining to an individual
- Weak credentials and persistent cross-site scripting plagued six out of 10 mechanisms
- 80 percent of implementations failed to allow users to employ intricate, lengthy passwords
- 70 percent of devices didn't protect communications with encryption, while 60 percent of such machines lacked the programs necessary to launch encoding tasks
Essentially, it wouldn't be too difficult for even a fledgling hacker to gain access to a company's IoT assets, establish a network connection with its databases and steal information from the business. Database active monitoring can deter such attempts, but a wide distribution of Internet-connected property can make such a task difficult for in-house IT departments to perform.
Where's the issue?
Consumer-focused IoT devices are particularly vulnerable to sustaining damaging cyberattacks because they're so ubiquitous. Yet again, it's important to ask why IoT implementations are so defensively weak in the first place.
Re/code contributor Arik Hesseldahl identified two factors as the culprits of IoT instability:
- Manufacturers are rushing to get these products to market without giving enough attention to security features.
- The majority of these devices run the Linux operating system, which is already prone to a number of defensive shortcomings.
One of the only ways to guarantee hackers aren't infiltrating these assets is by protecting company databases from malware that may be attempting to enter servers through the mechanisms. Why is this backend surveillance necessary? Because the devices themselves don't have the same protective software PCs, tablets and even many smartphones possess.
The scale of the problem? Hesseldahl referenced statistics from Gartner, which discovered 26 billion individual devices are going to be online by 2020. Essentially, there's a massive pool of property cybercriminals could exploit in order to steal financial information.
As a remote data infrastructure services provider, documenting the activities we perform, as well as our customers’ environments, is critical to our success. RDX currently supports thousands (and thousands) of database ecosystems ranging in complexity from simple to “making your hair stand on end.”
My customers hold my organization to extremely high standards. Rightfully so, they have turned over the keys to their most sensitive and mission-critical data stores to RDX. At the end of every email blast I send to our customer base, I end it with, “I personally appreciate you placing your trust in us to administer and safeguard your most valuable data assets. We take that responsibility very seriously here at RDX.” Stating that we take that responsibility seriously is kind of like saying the Titanic sprung a small leak.
Although the importance of a well thought out and detailed documentation library is blatantly obvious, creating documentation is the task most often postponed by an overworked DBA unit.
Documenting processes, procedures and best practices is a task that is often considered to be boring and mundane. Most DBAs would rather perform virtually any other activity than sit in front of a screen using a word processor. As a result, creating documentation is often postponed until the DBA has a little free time to kill. Today’s database administration units are operating with smaller staffs, tighter budgets and ever-increasing workloads. The end result is that the documentation is either never created or created and not kept current.
However, a robust detailed documentation library creates an environment that is less complex, less error-prone, reduces the amount of time DBAs spend learning new database environments and reduces the overall time spent on day-to-day support activities. DBAs are able to spend more time administering the environment rather than finding the objects they are trying to support and the processes and programs used to administer them.
The nature of my business as a remote services provider demands excellent documentation. The majority of environments we administer weren’t designed by my organization. The only way that we can ensure high quality and high-speed administration of these environments is to document them thoroughly. We document everything from initial connectivity and customer contact sheets to detailed information on database and server information, batch job streams and individual program execution (what it does, run-time windows). If we need to be aware of it, we have it documented.
Documentation is also the foundation of many of the other disciplines I will be discussing in future blogs. Let’s continue our discussion with a few helpful hints to get you started.
Understanding the Important Role Good Documentation Plays
We all generally understand the benefits that documentation provides. I think that all readers will see the importance I personally place on documentation in upcoming blogs.
Let me reaffirm my opinion in this one sentence: Good documentation is the foundation that high-quality data infrastructure services are built upon.
Creating an Organizational Environment That Fosters Good Documentation
I’ve been the Vice President of Service Delivery at RDX for 6 years now. It is my responsibility as manager to create an environment that fosters the production of robust and high-quality documentation. Let me describe some of the challenges that I have faced in the past at other organizations and how I have overcome them.
Since I view high quality documentation to be my responsibility as a manager, I ensure that it becomes part of every DBA’s performance appraisal criteria, including my own. If it isn’t on my, and my unit’s, performance appraisal forms, I will ask to have it added or make my own personal addendum and notify both the DBA team and management that I have done so.
I will add time for documentation when I estimate the amount of time it will take me to perform an administrative task during project planning meetings. I don’t settle for “we can do that after the project is complete” as an answer.
If you continuously sell the importance of documentation, sooner or later, you will begin to wear your opponents down. Although I prefer to call it “being relentless,” I’m sure that many of the application development managers (and my own managers) viewed it as “being a ….” (insert your favorite description here).
Every document I have created that provides a list of activities I , or my unit, need to perform during a project has documentation included. It helps to integrate it into the fabric and culture of my organization’s environment.
Making Documentation Second Nature
You also need to ensure that generating documentation becomes a natural part of your daily activities. You must continuously remind yourself that documentation is a primary and integral part of providing high-quality support services to your customers.
You must also remind yourself that it makes your job easier and benefits your fellow DBAs. It is a recipe for disaster when a fellow DBA needs to be out of the office for a time and asks another DBA to “help them out” by performing a complex, application-specific administrative activity and then tries to verbally tell them how to perform the 326 steps it takes to execute it.
Did you ever try to refresh an ERP application test environment from production when that test environment doesn’t have enough space to hold all of production’s data? 4,000 steps later, you begin to second-guess your choice of professions. That was the exact request from one of my fellow DBAs when I first started in this profession, and it quickly taught me the importance of good documentation. Not only did he get me to do the refresh, but I also had to document the process for him along the way. Some call that being a good coworker; I would view that as having a big sucker taped to my forehead.
The moral of this story is this: If you don’t want to be the only one that can perform that 900 step ERP application production to test refresh, document it! If you don’t want to be called by the on-call DBA because he doesn’t know exactly where to add a file in an emergency situation (like someone forgetting to tell you that they were loading 10 million additional rows into that 100 row table), document it! The more you document, the easier your life as a DBA becomes.
I’ve never had a photographic memory. It makes generating documentation easy for me. I also like to write, and that helps, but I will admit that there are times that I would rather perform virtually any other activity than document.
However, it has become easier because I continuously reaffirm to myself the importance of documentation. The more you reinforce that to yourself, the more second nature (and easier) it becomes.
Making Documentation Easy
I’m a huge fan of documentation templates. Here at RDX, we have templates and Standard Operating Procedures for everything we document. If it is repeatable or a complex process, we have an SOP for it. We have templates for documenting connections to our customers’ environments, their backup and recovery environments and their application specific processes, to name a few. If it needs to be documented on a regular basis, we have a template for it. We also have generic templates for documenting environments and activities that don’t fit into other templates.
Word Documents and Templates
Word document templates provide many features that streamline the documentation process and help to improve the quality of the content they store. I try to take advantage of as many features as I can. I use drop-down selection menus, check boxes and radio push buttons to improve the speed and quality of the documentation process. I also take advantage of the help pop-up feature that Microsoft Word provides to create a detailed description of what information is to be entered into that field, check box or radio button.
We heavily utilize Wikis to intelligently and securely display information about the environments we are tasked with supporting. A common, menu-driven interface has been designed, tuned and tweaked over our 20 year history. The Wiki’s contents include customer contact and escalation information, detailed database/server information, customer change management procedures, RDX DBAs assigned to the account, on-call team assigned, non-sensitive connection information (VPN type, VPn vendor, etc) and job information. The Wiki page also links to current tickets, current time cards and a history of past problems contained in our problem resolution library.
The Wiki content is controlled by a well-defined change management procedure and relies upon Wiki templates to ensure information is stored and displayed in a common format that adheres to RDX specifications. Once again, templates help improve the quality of content, speed data entry and ensure a uniformity of display pages and menus. We constantly review the Wiki for content and usability as well as leverage new Wiki features as they are released.
Database-Driven Content Managers
There are dozens of software companies that offer content management solutions. Database vendors have also recognized this as a lucrative market. All of the major database vendors now offer advanced content management software, each one trying to outdo the other in the number of bells and whistles that their products offer. Do a quick search on Google for documentation content management software, and you will find out just how many competing products there are.
Content management products offer check-in/check-out features, document versioning, web portal access and advanced workflow capabilities to name just a few of the features designed to improve content management. The competition in the content management market space is fierce to say the least. Content management vendors know that continuously adding new bells and whistles to their products is not just important for increasing market share, but it also is critical for their survival. Product costs can range from thousands to tens of thousands of dollars (or more).
If you have the funds and your management understands the benefits that a full-blown content management package provides, by all means begin a content management product analysis. But if you don’t have the funds, create a shared drive on your network and declare it to be the “DBA Documentation Portal.”
What to Document
By all means, this is not an all-inclusive list of what can be documented. Consider it as a starter kit to help you begin your quest for “documentis nirvanas.” Is some of this overkill for your particular environment? Maybe, but just consider this a general, high-level list. Since most readers will work for a single organization, I’m focusing my recommendations on DBA units that support one corporate environment.
Database Environment Documentation
- Naming conventions
- Servers (server names, operating system release, hardware vendor)
- Databases (vendor, database version, features enabled)
- Application type (i.e. data warehouse, online transaction processing, decision support, third-party application name and functionality it provides).
- Business unit requirements and related information for supported databases
- Uptime requirements (i.e. 24 X 7, 8 X 5)
- Database downtime windows
- Critical job processes
- Business unit and application developer contact lists
- Turnover windows for database changes
- Problem notification and escalation procedures
- Security sensitivity- How sensitive is the data?
- Repeatable administrative processes (covered in an upcoming blog)
- Backups – Probably the most critical set of documentation you will ever create- Document how it is backed up, what scripts back it up, where the backup is going to, retention periods and backup message directories. If it is involved with a backup, DOCUMENT IT. Review the document with other units that are involved in the backup and recovery process. It is your responsibility to ensure that you don’t hear an operator say, “What retention period? Nobody told me we were to have a retention on these files” when you are in a recovery situation. Remember that Oracle states that human error, including miscommunications, is responsible for over 90% of failed recoveries. If you want to reduce recovery failures, DOCUMENT THE PROCESS AND REVIEW IT.
- Anything else you run on a regular basis to support a specific application
- Change management- I’ll be spending an entire blog, or two, on this
- A daily monitoring activity checklist to ensure that no activity is missed- We have daily, weekly and monthly activities that are to be performed for each of our customers
- Complex administrative activities performed regularly
- Test and reporting database refreshes
- Data reorganizations
- Disaster recovery tests- The processes required to perform the recovery AND the criteria that will be used to evaluate whether it was successful or not
- DBA-specific stored PL/SQL and TSQL programs
- Day-to-day support scripts (where they are and what they do)
- Monitoring scripts (where they are and what they do)
- Scripts used to perform database administrative changes- I personally utilized specific directories that provide output from critical database changes that I have performed and other directories containing the SQL used to make that change
- Operating system scripts- Document what the script does in the beginning of each of your scripts. Did you ever try to determine what a 400 line script does that was created by someone who knows much more about UNIX scripting than you do? We have all been in that position at one time or another during our career. Make it easy on your coworkers to understand what the script does by putting comments at the top of the script as well as in the body. Also keep a running history of script changes, what they were and the time they were made
Database Administration Unit Organizational Documentation
- Contact Information
- DBA roles and responsibilities- Which applications, databases and tasks they are responsible for supporting
- DBA unavailability- Allows application developers to plan for a DBA not being available
It is a good practice to distribute this information to all business units supported by the database administration unit.
I hope you enjoyed this blog on documentation and the important role it plays.
Effectively being able to store and manage big data is more than simply having a lot of hard disk space.
The variety and complexity of the information produced by Internet-connected assets has forced database administration services to adapt to new processes and environments. Their focus on accessibility and security hasn't wavered, but the manner in which they approach these priorities has transformed.
Solving the puzzle: structured and unstructured data
BrightPlanet, a company that specializes in harvesting data from the Internet, outlined the differences between unstructured and structured data. While volume has always challenged databases to hold massive troves of organized intelligence, one of the chief difficulties resides in the act of actually arranging it.
- Structured: Pertains to data that is highly constructed and easy to query and is typically held in relational database systems. A spreadsheet is an example of structured information.
- Unstructured: Applicable to data that doesn't subscribe to a particular architecture and is usually stored in NoSQL databases, which run complex algorithms to create environments capable of managing it. Social media posts are examples of unstructured information.
What does this mean for remote database services?
According to MongoDB, conventional DBA practices needed to become more agile in order to be able to query large collections of unstructured data, giving birth to NoSQL databases. This access language sanctioned the development of "document" storage, which has spawned the following benefits:
- Documents are regarded as independent entities, which makes it simpler to transport data across multiple virtual locations.
- SQL queries don't need to be translated from object to application.
- Because a document contains whatever values the software language requires, unstructured data is easy to store.
In response to this development, DBAs learned the administrative languages and tools needed to launch and manage document-based data environments.
Different program, same responsibilities
As one can imagine, DBAs are still expected to perform the same database active monitoring tasks they have been around since the inception of digital information storage. There are also a number of additional responsibilities these professionals are undertaking:
- Understanding how clients plan on using the data. Are they simply looking to scrutinize it or allow applications to make intelligent decisions with it?
- Securing firewall access. What tactics are cybercriminals employing in an attempt to penetrate these environments?
- Managing and monitoring performance. How well are software deployments adapting to unstructured data?
Outsourcing to DBAs knowledgeable in contemporary enterprise needs and NoSQL databases may be a good tactic for organizations to use.
As hospital personnel continue to access patient records through mobile devices, health care organizations are taking new approaches to database security.
Assessing initial requirements
The best way for CIOs in the medical industry to measure the performance of their server protection strategies is to ensure all software deployments are compliant with the Health Insurance Portability and Accountability Act. Information Week contributor Jason Wang acknowledged the basic requirements HIPAA obligates mobile applications and networks to possess:
- Authorized, defended user access to protected health information
- Encryption features that hide sensitive data from unsanctioned personnel
- Routine security updates to eliminate bugs or loopholes in the network
- A remote access data elimination feature that can be activated by administrators in the event a mobile device is lost, stolen or compromised
- A solid business continuity/disaster recovery framework that can be tested on a regular basis
With these points in mind, health care organizations would greatly benefit from having a third party develop an enterprise-wide mobile application for their facilities. Salesforce CRM in particular is a solid option for those looking to install such an implementation, primarily due to its reputation for having HIPAA-compliant security features.
The risks involved
Many medical professionals believe employing a mobile network will help their subordinates allot more attention to patients. While this concept may be true, there are a number of threats that left unacknowledged could infect such a system. Having a third-party company constantly conduct database active monitoring tasks is imperative to deterring the following dangers:
- Mobile devices, as well as wearables, are easily misplaced, meaning that those who come across these mechanisms could access private patient information
- As a number of health care providers are communicating with patients through social media – malware and other Web-based attacks could be funneled through such mediums to infect devices.
- Because mobile keyboards are rudimentary, users are more likely to use uncomplicated passwords that can easily be unmasked.
Be a smart user
Database administration needs aside, health care companies must also provide personnel with a secure line of communication. HIT Consultant noted that text messaging is a solid way for hospital staff to transfer information quickly and on the go, but the avenue lacks the encryption technology necessary to keep these communications secure.
Installing an encoding program geared specifically toward mobile text messaging is a good move to make. However, employees should also be cognizant of the fact that they should not explicitly share vital information, if they can help it.
Aside from the techniques they use, the most dangerous tool hackers have at their disposal is the ability to network with organized criminal syndicates.
Many experienced deviants who have made an unorthodox, yet profitable career out of unlawful behavior have realized that the Internet provides them with relatively safe avenues to steal money. These figures hold no biases regarding who they target, attacking enterprise servers and consumer computers.
The best way to deter these persistent criminals from succeeding is by employing database activity monitoring, malware detection software and staff members skilled in the craft of information protection. The latter factor is particularly important, as those who have encountered aggressive cyberattacks likely know how to defend networks against them.
The strength of a network
According to PC World, French and Romanian officials razed a cybercriminal organization comprised of Romanian citizens, who used malware to infect the databases of money transfer enterprises in Germany, Norway, the United Kingdom, Austria and Belgium. European law enforcement agency Europol noted the figures used remote access Trojans to infiltrate the systems, allowing them to conduct unsanctioned transactions.
The Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT), reported that the illicit organizations would deliver fictitious money transfers from sham people to real recipients. In one instance, a franchisor lost $800,000 as a result of the scheme.
Cybercriminals are recognizing that enterprises have been tightening database security in response to such attacks, leading them to utilize more sophisticated techniques. ZDNet contributor Charlie Osborne referenced Gyges, a form of espionage malware engineered by government developers, as being one of the most difficult deployments to detect.
She cited a recent report conducted by Sentinel Labs, which surmised that the malicious software likely originated from Russia and is "virtually invisible." The program can remain active for long periods of time, unbeknown to victims. Hackers are now reengineering Gyges to create more advanced ransomware and rootkits, the latter of which are codes that shield covert processes from detection.
One of the characteristics that makes Gyges so tricky is its ability to infiltrate systems when users remain inactive, a significant digression from processes employed by conventional malware. In addition, Gyges is capable of transporting other forms of malicious code that can be initiated once the desired target has been reached.
Between organized criminal networks and government-grade malware at the disposal of cybercriminals, it's safe to say organizations need to find ways to optimize their database protection.
The post Cybercriminals using more tools, are better connected appeared first on Remote DBA Experts.
Companies new to the world of cloud computing often express apprehension in regard to security.
Unsure as to how internal teams are supposed to deploy effective protection, a number choose to outsource to database administration services capable of monitoring all network and server activity around the clock. As there are so many such companies to choose from, some enterprises are unclear as to what they should be looking for.
Gilad Paran-Nassani, a contributor to SYS-CON, acknowledged the puzzle organizations encounter when weighing cloud deployment capabilities with IT defenses. He outlined a number of points leaders should be sure to cover before signing a contract with a database security provider:
- Define who can access information: In addition to assigning company personnel the authorization codes, organizations should get a clear idea of who on the DBA end of the operation can obtain and view data. Any opacity in this regard should be thoroughly assessed.
- Know how data is encrypted in the cloud: The CIO and managers of the DBA service should sit down and outline how information will be hidden during transfers. Make sure there are no loopholes in the procedure and that it can be adjusted to new security needs.
- Conduct a background check: Get into contact with the prospective DBA's customers and ask them questions regarding their own experiences. In addition, ask the business to provide a list of any credentials pertaining to cloud platform protection.
What to look for
When seeking out a company that can provide remote database management for cloud environments, or on-premise solutions for that matter, there are a number of enterprise characteristics businesses should favor. MSPmentor contributor Michael Brown outlined four elements executives should look for when speaking with DBA services face-to-face:
- A fundamental concept: If the professionals on the other end of the table have a unique approach to how they tackle security, then they're most likely a sure bet.
- Honesty: A cloud security provider that acknowledges past mistakes and explains how it has evolved from those mishaps is filled with motivated, adaptable individuals.
- Transparency: When answering tough questions, a DBA should divulge its capabilities and shortcomings so trust can be quickly established.
- Commitment: Dedication should go beyond day-to-day security amenities. A DBA must seek ways to improve protection while ensuring system workability on a consistent basis.
As one can observe, selecting the right DBA to protect enterprise cloud environments requires human characteristics as well as technical ability. These considerations will help organizations find the right fit.
The post What to look for in a cloud database security company appeared first on Remote DBA Experts.
A reputed professional recently discovered a bug in one of Oracle's key security implementations, which may prompt some of its customers to seek active database monitoring solutions.
A good start, but needs work
According to Dark Reading, David Litchfield, one of the world's most well-recognized database protection experts, recently discovered a couple of faults in Oracle's redaction feature for its 12c servers. The defensive measure allows database administrators to mask sensitive information from malicious figures.
Although Litchfield regarded the feature as a good deployment, he asserted that a highly skilled hacker would be capable of bypassing the function. He noted that employing a type of Web-based SQL injection is a feasible way for an unauthorized party to gain access to information. Litchfield is expected to demonstrate this technique among others at Black Hat USA in Las Vegas next month.
"To be fair, it's a good step in the right direction," said Litchfield, as quoted by the source. "Even if a patch isn't available from Oracle, it's going to protect you in 80 percent of the cases. No one really know how to bypass it at this point."
Although Oracle is working to mitigate this problem, enterprises need to wonder what's going to protect them from the other 20 percent of instances. Having a staff of remote database support professionals actively monitor all server activity is arguably the most secure option available.
Specifically, Oracle customers require assistance from those possessing the wherewithal to defend databases from SQL injection attacks. Network World outlined a few situations in which this invasive technique has caused harrowing experiences for retailers:
- In the winter of 2007, malware was inserted into Heartland Payment Systems' transaction processing system, resulting in 130 million stolen card numbers.
- In early November 2007, Hannaford Brothers sustained a malicious software attack that led to the theft of 4.2 million card access codes.
- Between January 2011 and March 2012, a series of SQL injection endeavors against Global Payment Systems incited $92.7 million in losses.
Take the simple steps
Network World acknowledged the importance of treating routine processes as critical features. For example, forgetting to close a database after testing the system for vulnerabilities is negligence that can't be afforded to transpire.
In addition, it's imperative that enterprises understand the mapping of their database architectures. This protocol can be realized when organizations employ consistent surveillance of all activity, allowing professionals to see which channels are the most active and what kind of data is flowing through them.
The post Oracle users may require remote database management appeared first on Remote DBA Experts.
As hurricane season gets longer and businesses grow more reliant on technology, having a smart disaster recovery plan in place is essential. A major part of maintaining database security involves ensuring that the system can be rebooted or accessed in the event of a major power outage.
Eric Webster, a contributor to Channel Partners Online, referenced a survey of 600 small and medium-sized businesses conducted by Alibaba.com, Vendio, and Auctiva in 2013, noting that 74 percent of respondents have no DR/business continuity plan in place. Another 71 percent of SMBs lack a backup generator to keep the data center running.
Essentially, this means that a large number of enterprises won't be able to conduct any activities in the event their operations shut down. Because technology is so heavily integrated into day-to-day workflows, professionals don't realize how mission critical databases are until they can't be accessed anymore.
Battening down the hatches
So, what can be done to prepare for a data center outage? TechRadar noted that implementing a DR/BC strategy involves a step-by-step process:
- If working with a cloud services provider, partner with a company known for building accessible, recoverable infrastructures.
- Set up data centers in easily reachable, strategically placed locations to exercise a low risk of failure.
- Figure out whether a dedicated communications link or a virtual private network is the best way to connect with databases.
- Regularly conduct tests on the system, which should be measured by performance and task completion.
Webster acknowledged the benefits of hiring a remote database support service to initiate DR/BC tests, manage and organize recovery strategies and monitor databases 24/7/365.
The key advantage of outsourcing to a managed services provider is that in the event a major storm is forecasted, database administrators can quickly implement backup strategies so that applications, stored information and platforms aren't lost.
With DBAs in mind, it's important to acknowledge that many such professionals now offer Recovery-as-a-Service, working with cloud environments to launch and maintain DR/BC. Webster outlined how this process works:
- An enterprise's tangible and/or virtual databases deliver images of their environments to the cloud on a regular basis
- If a super storm shuts down a data center, its virtual version can be maintained by and accessed through the cloud environment.
Webster acknowledged that this service model is more affordable than conventional DR/BC strategies. Recovery can occur more quickly and separate hard disks containing data identical to the information in on-premise servers don't need to be used.
In an effort to keep up with the times, many financial institutions have implemented e-banking applications that allow customers to access and manage their finances on the Web or through their smartphones.
Although electronic solutions may boost satisfaction rates and make it easier for account holders to transfer funds, they can cause major database security woes if proper protective measures aren't taken. As of late, there have been two kinds of malware banks have had to contend with.
Attacking the mobile arena
Because it's easy for consumers to get caught up in the luxury of viewing checking information on their smartphones, many forget to follow necessary, defensive protocols. According to ITPro, a new remote access Trojan, named com.II, is targeting Android devices and zeroing in on users with mobile banking applications.
The source noted that the malware abides by the following process:
- Undermines any security software that's installed
- Scans the device for eBanking programs
- Replaces any such tools with fraudulent ones
- Implements fabricated application updates
- Steals and delivers short message service notifications to access contact lists.
Paco Hope, principal consultant with Cigital, a firm based in the United Kingdom, surmised that the malicious software could infect global banking populations, as it's capable of being manipulated to abide by different languages.
To prevent the program from entering bank accounts and stealing funds, active database monitoring should be employed by enterprises offering e-banking apps. Com.II has the ability to conduct thorough surveillance of individual checking and savings records, allowing the malware's administrators to potentially carry out transactions.
Under the radar
Many programmers harboring ill intentions have found a way to make malicious software basically unrecognizable. MarketWatch acknowledged a new breed of malware, dubbed Emotet, that tricks people into giving it access to bank accounts. The news source outlined the deployment's protocol.
- Spam messages are sent to victims' emails
- The contents of those notices detail financial transactions and include links
- Upon clicking the link, the malware activates code that sits in browsers
- Once a person visits a bank website, the program can monitor all activity
Trend Micro Vice President of Technology and Solutions JD Sherry asserted that the language used within the encoded messages appears authentic. This makes it easy for individuals to fall victim to the scam.
The administrator's side of the equation
Although it's important for e-banking customers to install adequate malware protection programs, the enterprises administering electronic solutions must find a way to defend their accounts. Constant database surveillance needs to be employed so that security breaches don't get out of hand in the event they occur.
The post Malware stirs database security concerns for banks appeared first on Remote DBA Experts.
Leveraging Collective Knowledge and Subject Matter Experts to Improve the Quality of Database Support
The database engine plays a strategic role in the majority of organizations. It provides the mechanism to store physical data along with business rules and executable business logic. The database’s area of influence has expanded to a point where it has become the heart of the modern IT infrastructure. Because of its importance, enterprises expect their databases to be reliable, secure and available.
Rapid advances in database technology combined with relatively high database licensing and support costs compel IT executives to ensure that their organization fully utilizes the database product’s entire feature set. The more solutions the database inherently provides, the more cost effective it becomes. These integrated features allow technicians to solve business problems without the additional costs of writing custom code and/or integrating multiple vendor solutions.
The issue then becomes one of database complexity. As database vendors incorporate new features into the database, it becomes more complex to administer. Modern database administrators require a high level of training to be able to effectively administer the environments they support. Without adequate training, problems are commonplace, availability suffers and the database’s inherent features are not fully utilized.The Benefits of Collective Knowledge
Successful database administration units understand that providing better support to their customers not only comes from advances in technology but also from organizational innovation. The selection of support-related technologies is important, but it is the effective implementation and administration of those technologies that is critical to organizational success.
Database team managers should constantly leverage the collective knowledge of their entire support staff to improve the quality of support the team provides and reduce the amount of time required to solve problems.
One strategy to build the team’s expertise is to motivate individual team members to become Subject Matter Experts in key database disciplines. This strategy is performed informally hundreds of times in IT daily. A support professional is required to perform a given task and “gets stuck”. They spin their wheels and then decide to run down the hall and find someone they feel can provide them with advice. They consult with one or more fellow team members to solve the problem at hand.
The recommendation is to have a more formal strategy in place so that each team member, in addition to their daily support responsibilities, becomes a deep-dive specialist in a given database discipline. Their fellow team members are then able to draw from that expertise.Increasing the Efficiency of Support- Subject Matter Experts
The database environment has become so complex that it precludes database administrators from becoming true experts in all facets of database technology. RDX’s large administrative staff allows it to increase efficiency by creating specialists in key database disciplines. In addition to expertise in providing day-to-day support, each of RDX’s support staff members is required to become an expert in one or more database disciplines including backup and recovery, highly available architectures, SQL tuning, database performance, database monitoring, UNIX/Windows scripting and database security.
RDX allocates the support person with the highest-level skill sets in that particular task to provide the service requested by the customer. This methodology ensures that the customer gets the most experienced person available to perform complex tasks. Who do you want to install that 5 node Oracle RAC cluster? A team member that has limited knowledge or one that has extensively studied Oracle’s high availability architecture and performs RAC installations on a daily basis?
Although your team may only consist of a ½ dozen administrators, that doesn’t mean that you aren’t able to leverage the benefits that the Subject Matter Experts strategy provides. Identify personnel on the team that are interested in a particular database support discipline (i.e. security, database performance, SQL Performance, scripting, etc.) and encourage them to build their expertise in those areas. If they are interested in high availability, send them to classes, offer to reimburse them for books on that topic and/or allocate time for them to review HA specific websites. Focus on the areas that are most critical to the needs of your shop. For instance, is your company having lots of SQL statement performance problems? A sound strategy is to have one of your team members focus on SQL tuning and support them throughout the entire educational process.
Also consider special skills during the DBA interview and selection process. At RDX, we always look for candidates that are able to provide deep-dive expertise in key database support disciplines. We have several DBAs on staff that have strong application development backgrounds including SQL performance tuning. This was in addition to possessing a strong background in database administration. We use the same strategy for HA architectures, and we look for candidates that have strong skills in any database advanced feature. We’re able to leverage that expertise for the customer’s benefit. The same strategy can be applied to any size team. Look for candidates that excel in database administration but are also strong in key areas that will improve your ability to support your internal customers.
In addition, you can also draw expertise from other teams. For example, you may have access to an application developer who is strong in SQL coding and tuning or an operating system administrator that excels in scripting. Build relationships with those personnel and leverage their experience and skill sets when needed. Ask them to provide recommendations on training to your team or assist when critical problems occur. Technicians are usually more than happy to be asked to help. Just make sure to be courteous when asking and thank them (and their manager) when they do help out.Reducing Downtime Duration by Faster Problem Resolution
RDX’s large staff also reduces the amount of time spent on troubleshooting and problem solving. RDX is able to leverage the expertise of a very large staff of database, operating system and middle-tier administrators. Additionally, RDX is able to leverage the team’s expertise to provide faster resolution to database performance issues and outages. Since the support staff works with many different companies, they have seen a number of different approaches to most situations.
Ninety-nine percent of our support technicians work at the same physical site. This allows RDX to create a “war room” strategy for brainstorming activities and problem solving. All technicians needed to create a solution or solve a problem are quickly brought to bear when the need arises. Support technicians come from varied backgrounds and have many different skill sets. RDX is able to leverage these skills without having to search for the right person or wait for a return call. Work can take place immediately.
This “war room” strategy works for any size team. When a significant issue occurs, leverage the entire team’s skill sets. Appoint yourself to be the gate keeper to ensure that the team remains focused on the goal of quick problem resolution and that the conversation continues to be productive. Brainpower counts, and the more collective knowledge you have at your disposal, the more effective your problem resolution activities become.Conclusion
Corporate information technology executives understand that their success relies upon their ability to cut costs and improve efficiency. Decreasing profit margins and increased competition in their market segment force them to continuously search for creative new solutions to reduce the cost of the services they provide. They also realize that this reduction in cost must not come at the expense of the quality of services their organization delivers.
RDX invites you to compare the benefits of our organizational architecture and quality improvement initiatives to our competitors, your in-house personnel or your on-site consultants. We firmly believe that our Collective Knowledge Support Model allows us to provide world class support.
The prevalence of the bring-your-own-device trend has incited new database security concerns while simultaneously improving employee performance.
Enterprises don't want to sacrifice worker productivity and happiness simply because server activity can't be properly managed. There's no reason to abandon BYOD. All it requires is assiduous surveillance, new usage protocols and network optimization.
The biggest concern comes within
Every organization has at least one staff member who couldn't be more dissatisfied with his or her current work situation. The idea of the disgruntled employee may seem somewhat cartoonish, but it's important that businesses consider the situation as a serious threat to data confidentiality.
Chris DiMarco, a contributor to InsideCounsel, acknowledged that mobile devices can be useful assets to personnel harboring ill intentions. David Long-Daniels, co-chairman of Greenberg Traurig's Global Labor & Employment Practice, noted that malicious activity can be carried out through smartphones in a number of ways, and it all starts with willingly sharing information.
"What happens if an individual leaves and you don't have a policy that allows you to wipe their device?" Long-Daniels posited, as quoted by the source.
Set up a protocol
Thankfully, there's a way you can deter malevolent employees from stealing critical information. Bret Arsenault, CIO of Microsoft and contributor to Dark Reading, noted that the software developer has successfully deterred deviancy by implementing database active monitoring and segregating personal and corporate data. He acknowledged that any device accessing company email must:
- Encrypt the information on the mechanism
- Be activated by a PIN
- Enable remote management and application updates to protect Microsoft's programs
Handling transactions off-premise has been a significant boon for Microsoft. The organization consistently deploys products that act as administrators between its own databases and the personal devices of employees. In addition, the solution allows Microsoft to remove any corporate intelligence from devices in the event the user leaves the enterprise.
Implement an access strategy
Depending on what hardware an employee is using and how trustworthy a worker is deemed to be, Microsoft defines how much database access a person will receive. Arsenault maintained that the business asks the following questions:
- What kind of email solution is an individual using? Is it personal or corporate?
- Is his or her device managed and authenticated by Microsoft or handled solely by the employee?
- Is the mechanism being used from a known or unidentified location?
With the aforementioned approaches in mind and sound remote database support at their backs, enterprises will be able to benefit from the flexible workflow BYOD offers without suffering from security woes.
The post Microsoft’s database administration strengthens BYOD security appeared first on Remote DBA Experts.
Although cyberwarfare seems like something out of a science fiction movie, the threat is a legitimate concern for public authorities.
Database active monitoring appears to the be only way in which governments can adequately defend themselves against well-coordinated cyberattacks. Having a team of administrators oversee server activity 24/7/365 is a good form of protection against assiduous criminals and persistent, covert operatives.
An unsettling visualization
According to ExtremeTech, a simulation detailing millions of global cyberattacks supported many people's assumptions that the United States sustains the bulk of database infiltration attempts.
The real-time demonstration was developed by Norse, a network security company that took information from its "honeypot" database – a tempting target that traps incoming infiltration data. The simulation discovered that:
- The bulk of attacks originate from China, directed at the U.S.
- The U.S.'s own hack attempts are more dispersed, targeting different countries
Supporting Norse's map
Because the representation was developed from Norse's own sources, what constitutes an attack and how often government agencies attack the U.S. is slightly ambiguous. Also, the nature of the endeavors varies considerably – from malware to phishing scams.
However, the source noted that in 2012, the Department of Defense maintained that it sustained 10 million cyberattacks a day. The National Nuclear Security Administration experienced database security worries of its own, reporting nearly the same amount of infiltration attempts.
A clear example
Those who believe the NNSA, DOD and other federal agencies are the only organizations targeted by governments are sadly mistaken. Oregon Live reported that the Oregon Secretary of State's website was attacked a week prior to authorities realizing that anything was wrong. The ordeal occurred in February.
As a result, the entity suspended public access to two databases for several weeks, asserting that a foreign actor had penetrated the system. The news source acknowledged that authorities believe the attack originated from North Korea or China.
"We do suspect that's where it's from, but we don't know, and the FBI is the one who is looking at the IP addresses, not us," said Oregon Secretary of State spokesman Tony Green, as quoted by the source. "We have not heard back from law enforcement about whether or not they have definitive information on where the attacks came from."
State authorities lacking the resources necessary to actively monitor all server activity should consider investing in remote database management services. Knowing what hackers are looking for, the techniques they're utilizing and where they're operating is imperative to maintaining the sanctity of critical information.
The post Recent attacks show public authorities need tighter database security appeared first on Remote DBA Experts.
Hi and welcome to the last video in our Database Activity Monitoring series where we discuss how Database Activity Monitoring streamlines our customers’ auditing compliance process. We previously touched on how our ongoing vulnerability assessments help organizations gain greater visibility into their database activity.
Our vulnerability assessments provide detailed security analyses of all databases instances and can identify current threats in our clients’ environments. This makes it easier to demonstrate compliance to auditors and helps simplify the auditing process.
RDX creates custom checks and reports to reflect specific needs for internal and regulatory audits. We also can log any access to sensitive data, including complete transaction details, for audit purposes. These features help our customers better prepare and respond to compliance audits and save them valuable time and money, as a result.
So there you have it – our Database Activity Monitoring service and all its different components. Still have questions? Don't hesitate to contact us by using the 'QuickConnect' button at the top right-hand corner of the page. We're happy to talk to you about how our database security services can help you keep your organization's databases the safest they've ever been.
Thanks for watching, and see you next time!
The post Simplifying the Auditing Compliance Process – Database Activity Monitoring Series pt. 4 [VIDEO] appeared first on Remote DBA Experts.
In response to recent data breaches, state lawmakers have proposed new legislature that would require businesses to provide disclosures to their customers in the event of an attack.
As can be expected, enterprises would prefer that their information not be hacked at all, causing many to search for database active monitoring solutions. Scrutinizing server activity around the clock is becoming a necessity as opposed to an asset that was once "nice to have."
If a company can't adequately provide authorities with details concerning a successful data infiltration attempt, it may have to face serious repercussions. Worst of all, it will have no way of knowing where the information was taken from, which customers were affected by the breach and what caused the vulnerability in the first place.
A popular measure
According to Inside Counsel, Kentucky recently became the 47th state to enact a law that requires organizations to inform their customers in the event of a data breach. The enactment of the measure leaves Alabama, South Dakota and New Mexico as the only three states that have yet to put such legislature into effect.
The news source noted that Kentucky Governor Steve Beshear signed the bill designed to protect personally identifiable information of the Bluegrass State's residents. In addition, the law mandates that cloud service providers supporting environments for public educational institutes (grades K-12) make a concentrated effort to protect student information.
Tactics to implement
Natasha Clark, a contributor to Business Technology, outlined a few ways in which enterprises can exercise thorough database security. Most of these tasks must be carried out by professionals, such as remote DBA experts who can launch solutions without having to go on-premise.
- Executing multiple backups on a regular basis will ensure that all data can be recovered in the event that it's lost or stolen.
- Having dedicated database administrators analyze logged information will ensure that no malware slips under the radar.
- Figuring out what is being protected is essential to weighing risk, enabling professionals to determine whether or not databases will be targeted by specific contingencies.
- Deploying active monitoring software to automatically search for threats can assist teams working remotely.
- Reviewing the authorities and restrictions given to database management personnel helps mitigate the severity of accidents caused in-house.
With constant monitoring, companies will be able to prevent data breaches from occurring, proactively satisfying the demands of government entities. Dedicating personnel to the security and confidentiality of customer data is the wisest choice for business leaders who don't want to have to contend with a public relations nightmare.
The post Meeting government mandates with remote database management appeared first on Remote DBA Experts.
A huge part of securing data is knowing where the information is being stored and how it's shared among professionals. Ideally, database experts should be working 24/7, 365 days a year to monitor all server activity and contents.
According to PC Magazine, the Montana Department of Public Health and Human Services recently sustained a data breach in which the personal information of 1.3 million people was exposed. Much of the data consisted of:
- Social Security numbers
- Treatment history
- Health statuses
"Out of an abundance of caution, we are notifying those whose personal information could have been on the server," said DPHHS Director Richard Opper, as quoted by the source.
A lack of understanding
The problem lies in the jargon used by Opper. "Could have been" implies that the DPHHS has no way of knowing who exactly was affected by the attack. Although questionable activity was identified on May 15 – with a subsequent investigation being conducted seven days later – the breach could have been prevented if enough clarity regarding the system existed.
Ponemon Institute recently conducted a survey of 1,587 global IT and IT security practitioners, which discovered that a mere 16 percent of respondents know where sensitive structured data is held. Even fewer study participants (7 percent) definitively know where unstructured information is located.
Not taking appropriate measures
After asking respondents which protective protocols were poorly executed, the Ponemon Institute discovered that:
- Almost three-fourths (72 percent) failed to adequately oversee intelligence sharing
- Approximately 63 percent were unsuccessful when assigning and refusing access permissions to staff.
- Just under 64 percent inadequately implemented database policy algorithms and application enhancements
Many enterprises recognize the danger of neglecting to monitor server contents and access. Having IT personnel drop in every so often to scrutinize the system isn't enough to deter assiduous cybercriminals. A company should dedicate an entire team of database administration professionals to giving servers the attention they require.
As far as what IT professionals needed more of, 76 percent of Ponemon respondents identified real-time monitoring as a critical asset for them to possess. A focus on automation was realized across the board, with survey participants requiring data discovery and protocol workflow to be proactively conducted.
Intelligence diagnostics, thorough vision of all database assets and integrated protective analysis were also cited as key enterprise needs.
Knowing where data is stored, how it's transferred between professionals, who has access to an environment and the contents of encrypted information requires the expertise of database administration services. A team of professionals focused solely on monitoring all server activity is imperative in a world rife with cybercriminals.
The post Study reveals that comprehensive database administration is needed appeared first on Remote DBA Experts.
Ongoing Database Security Services Provide Greater Visibility: Database Activity Monitoring Series pt. 3 [VIDEO]
Hi and welcome back to the RDX blog, where we’re deep in a series about our Database Activity Monitoring services and how these services allow our customers to gain full visibility into their database activity.
We’ve previously touched on how we integrated the advanced features of McAfee’s security products to provide our customers with a 24×7 customizable Database Activity Monitoring solution that alerts customers to threats in real time.
In addition to all of that, we also provide ongoing services, such as new threat analyses, vulnerability scans, database and OS patching services and database activity monitoring reports.
Vulnerability assessments help us give you detailed information you can put into action immediately, helping you prioritize and remediate security gaps., and we schedule them on an ongoing basis to prevent future vulnerabilities. You will be notified about any unprivileged users or programs, and they will be quarantined in real time, preventing any further access into the database.
These assessments make demonstrating compliance to auditors much easier, and we’ll touch on this in our next video, the last part of our Database Activity Monitoring series. Thanks for watching, and stay tuned!