Skip navigation.

Chris Foot

Syndicate content
Remote DBA Experts Blog
Updated: 13 hours 38 min ago

Recent attacks show public authorities need tighter database security

Fri, 2014-06-27 11:52

Although cyberwarfare seems like something out of a science fiction movie, the threat is a legitimate concern for public authorities. 

Database active monitoring appears to the be only way in which governments can adequately defend themselves against well-coordinated cyberattacks. Having a team of administrators oversee server activity 24/7/365 is a good form of protection against assiduous criminals and persistent, covert operatives. 

An unsettling visualization 
According to ExtremeTech, a simulation detailing millions of global cyberattacks supported many people's assumptions that the United States sustains the bulk of database infiltration attempts.

The real-time demonstration was developed by Norse, a network security company that took information from its "honeypot" database – a tempting target that traps incoming infiltration data. The simulation discovered that:

  • The bulk of attacks originate from China, directed at the U.S.
  • The U.S.'s own hack attempts are more dispersed, targeting different countries

Supporting Norse's map 
Because the representation was developed from Norse's own sources, what constitutes an attack and how often government agencies attack the U.S. is slightly ambiguous. Also, the nature of the endeavors varies considerably – from malware to phishing scams. 

However, the source noted that in 2012, the Department of Defense maintained that it sustained 10 million cyberattacks a day. The National Nuclear Security Administration experienced database security worries of its own, reporting nearly the same amount of infiltration attempts. 

A clear example 
Those who believe the NNSA, DOD and other federal agencies are the only organizations targeted by governments are sadly mistaken. Oregon Live reported that the Oregon Secretary of State's website was attacked a week prior to authorities realizing that anything was wrong. The ordeal occurred in February. 

As a result, the entity suspended public access to two databases for several weeks, asserting that a foreign actor had penetrated the system. The news source acknowledged that authorities believe the attack originated from North Korea or China. 

"We do suspect that's where it's from, but we don't know, and the FBI is the one who is looking at the IP addresses, not us," said Oregon Secretary of State spokesman Tony Green, as quoted by the source. "We have not heard back from law enforcement about whether or not they have definitive information on where the attacks came from."

Being proactive 
State authorities lacking the resources necessary to actively monitor all server activity should consider investing in remote database management services. Knowing what hackers are looking for, the techniques they're utilizing and where they're operating is imperative to maintaining the sanctity of critical information. 

The post Recent attacks show public authorities need tighter database security appeared first on Remote DBA Experts.

Simplifying the Auditing Compliance Process – Database Activity Monitoring Series pt. 4 [VIDEO]

Fri, 2014-06-27 07:46

Hi and welcome to the last video in our Database Activity Monitoring series where we discuss how Database Activity Monitoring streamlines our customers’ auditing compliance process. We previously touched on how our ongoing vulnerability assessments help organizations gain greater visibility into their database activity.

Our vulnerability assessments provide detailed security analyses of all databases instances and can identify current threats in our clients’ environments. This makes it easier to demonstrate compliance to auditors and helps simplify the auditing process.

RDX creates custom checks and reports to reflect specific needs for internal and regulatory audits. We also can log any access to sensitive data, including complete transaction details, for audit purposes. These features help our customers better prepare and respond to compliance audits and save them valuable time and money, as a result.

So there you have it – our Database Activity Monitoring service and all its different components. Still have questions? Don't hesitate to contact us by using the 'QuickConnect' button at the top right-hand corner of the page. We're happy to talk to you about how our database security services can help you keep your organization's databases the safest they've ever been.

Thanks for watching, and see you next time!
 

The post Simplifying the Auditing Compliance Process – Database Activity Monitoring Series pt. 4 [VIDEO] appeared first on Remote DBA Experts.

Meeting government mandates with remote database management

Fri, 2014-06-27 07:21

In response to recent data breaches, state lawmakers have proposed new legislature that would require businesses to provide disclosures to their customers in the event of an attack.

Overseeing operations
As can be expected, enterprises would prefer that their information not be hacked at all, causing many to search for database active monitoring solutions. Scrutinizing server activity around the clock is becoming a necessity as opposed to an asset that was once "nice to have."

If a company can't adequately provide authorities with details concerning a successful data infiltration attempt, it may have to face serious repercussions. Worst of all, it will have no way of knowing where the information was taken from, which customers were affected by the breach and what caused the vulnerability in the first place.

A popular measure
According to Inside Counsel, Kentucky recently became the 47th state to enact a law that requires organizations to inform their customers in the event of a data breach. The enactment of the measure leaves Alabama, South Dakota and New Mexico as the only three states that have yet to put such legislature into effect.

The news source noted that Kentucky Governor Steve Beshear signed the bill designed to protect personally identifiable information of the Bluegrass State's residents. In addition, the law mandates that cloud service providers supporting environments for public educational institutes (grades K-12) make a concentrated effort to protect student information.

Tactics to implement
Natasha Clark, a contributor to Business Technology, outlined a few ways in which enterprises can exercise thorough database security. Most of these tasks must be carried out by professionals, such as remote DBA experts who can launch solutions without having to go on-premise.

  1. Executing multiple backups on a regular basis will ensure that all data can be recovered in the event that it's lost or stolen.
  2. Having dedicated database administrators analyze logged information will ensure that no malware slips under the radar.
  3. Figuring out what is being protected is essential to weighing risk, enabling professionals to determine whether or not databases will be targeted by specific contingencies.
  4. Deploying active monitoring software to automatically search for threats can assist teams working remotely.
  5. Reviewing the authorities and restrictions given to database management personnel helps mitigate the severity of accidents caused in-house.

With constant monitoring, companies will be able to prevent data breaches from occurring, proactively satisfying the demands of government entities. Dedicating personnel to the security and confidentiality of customer data is the wisest choice for business leaders who don't want to have to contend with a public relations nightmare.

The post Meeting government mandates with remote database management appeared first on Remote DBA Experts.

Study reveals that comprehensive database administration is needed

Thu, 2014-06-26 02:13

A huge part of securing data is knowing where the information is being stored and how it's shared among professionals. Ideally, database experts should be working 24/7, 365 days a year to monitor all server activity and contents. 

Grievous consequences
According to PC Magazine, the Montana Department of Public Health and Human Services recently sustained a data breach in which the personal information of 1.3 million people was exposed. Much of the data consisted of:

  • Names
  • Social Security numbers
  • Treatment history
  • Health statuses
  • Insurance

"Out of an abundance of caution, we are notifying those whose personal information could have been on the server," said DPHHS Director Richard Opper, as quoted by the source. 

A lack of understanding 
The problem lies in the jargon used by Opper. "Could have been" implies that the DPHHS has no way of knowing who exactly was affected by the attack. Although questionable activity was identified on May 15 – with a subsequent investigation being conducted seven days later – the breach could have been prevented if enough clarity regarding the system existed. 

Ponemon Institute recently conducted a survey of 1,587 global IT and IT security practitioners, which discovered that a mere 16 percent of respondents know where sensitive structured data is held. Even fewer study participants (7 percent) definitively know where unstructured information is located. 

Not taking appropriate measures 
After asking respondents which protective protocols were poorly executed, the Ponemon Institute discovered that: 

  • Almost three-fourths (72 percent) failed to adequately oversee intelligence sharing 
  • Approximately 63 percent were unsuccessful when assigning and refusing access permissions to staff. 
  • Just under 64 percent inadequately implemented database policy algorithms and application enhancements 

Constant surveillance
Many enterprises recognize the danger of neglecting to monitor server contents and access. Having IT personnel drop in every so often to scrutinize the system isn't enough to deter assiduous cybercriminals. A company should dedicate an entire team of database administration professionals to giving servers the attention they require.

As far as what IT professionals needed more of, 76 percent of Ponemon respondents identified real-time monitoring as a critical asset for them to possess. A focus on automation was realized across the board, with survey participants requiring data discovery and protocol workflow to be proactively conducted. 

Intelligence diagnostics, thorough vision of all database assets and integrated protective analysis were also cited as key enterprise needs. 

Knowing where data is stored, how it's transferred between professionals, who has access to an environment and the contents of encrypted information requires the expertise of database administration services. A team of professionals focused solely on monitoring all server activity is imperative in a world rife with cybercriminals. 

The post Study reveals that comprehensive database administration is needed appeared first on Remote DBA Experts.

Ongoing Database Security Services Provide Greater Visibility: Database Activity Monitoring Series pt. 3 [VIDEO]

Tue, 2014-06-24 08:38

Hi and welcome back to the RDX blog, where we’re deep in a series about our Database Activity Monitoring services and how these services allow our customers to gain full visibility into their database activity.

We’ve previously touched on how we integrated the advanced features of McAfee’s security products to provide our customers with a 24×7 customizable Database Activity Monitoring solution that alerts customers to threats in real time.

In addition to all of that, we also provide ongoing services, such as new threat analyses, vulnerability scans, database and OS patching services and database activity monitoring reports.

Vulnerability assessments help us give you detailed information you can put into action immediately, helping you prioritize and remediate security gaps., and we schedule them on an ongoing basis to prevent future vulnerabilities. You will be notified about any unprivileged users or programs, and they will be quarantined in real time, preventing any further access into the database.

These assessments make demonstrating compliance to auditors much easier, and we’ll touch on this in our next video, the last part of our Database Activity Monitoring series. Thanks for watching, and stay tuned!

The post Ongoing Database Security Services Provide Greater Visibility: Database Activity Monitoring Series pt. 3 [VIDEO] appeared first on Remote DBA Experts.

SQL vs. NoSQL: Which is best?

Tue, 2014-06-24 01:33

The manner in which information is accessed – as well as how fast it's procured – depends on the day-to-day needs of organizations. Database administration services often help businesses decide whether Not Only Structured Query Language (NoSQL) or conventional Structured Query Language is needed to optimize data-related operations. 

SQL 
SQL servers, also known as relational databases (RDBMS) have been around for the longest time, with companies such as Oracle and Microsoft developing the structures. The Geek Stuff acknowledged a few key components of the technology: 

  • RDBMS are table-based structures, representing data in columns and rows
  • They possess an underlying pattern or protocol to access and read the information
  • Scaled vertically, SQL databases are accessed by increasing hardware power
  • Good for intricate, extensive queries
  • Vendors typically offer more support for RDBMS, as it is a popular, familiar solution. 

NoSQL 
Relatively new to the sector, NoSQL runs off of unstructured query language. MongoDB, the most popular provider of NoSQL databases, explained that they were developed to better handle large sets of different data types. Primary functions of the technology are dictated below:

  • Can consist of four primary types: document, graph stores, key-value (in which every item in the database is stored with a name and its worth), or wide column
  • Do not subscribe to schemas or preset rules
  • Scaled by combining the computational power of other machines to reduce load stress – also known as "scaling out" 
  • Outside experts are hard to come by, but database support services can provide users with efficient knowledge. 

As they stand in the market 
Visual Studio Magazine referenced a survey of 500 North American software developers by Database-as-a-Service (DBaaS) company Tesora, which discovered that 79 percent of respondents were using SQL database language. The study itself focused on how the two programming interchanges were utilized by those working with private or public cloud environments. 

"Going forward, this gap can be expected to close since NoSQL databases have only been on the market for a few years or less, as opposed decades for some of the incumbents," acknowledged the report, as quoted by VSM. 

One better than the other? 
For those handling a mix of unstructured, structured and semi-structure data, NoSQL is most likely the way to go. Those managing number-based information should see major benefits from using SQL. 

However, it's important to remember that the processing power of tangible servers is increasing at a slower rate than it was ten years ago. Because NoSQL optimizes the use of these machines by pooling computing power, it may be the better choice for those worried about the future. 

The post SQL vs. NoSQL: Which is best? appeared first on Remote DBA Experts.

Customizing a Database Activity Monitoring Solution: Database Activity Monitoring Series pt. 2 [VIDEO]

Sat, 2014-06-21 13:32

Real-time monitoring means constant protection from potential threats, and at RDX we customize database activity monitoring to fit our customers’ unique security requirements.

First, we hold fact finding meetings during the customer integration process to learn our customers’ database security requirements and internal practices. Then we educate our customers on the installation and configuration of the security monitoring architecture which utilizes an RDX supplied security appliance.

Next, we work with our customers to determine which event notifications and escalation procedures are best for their database environments. They can set notification rules about the time of day a database is accessed, certain users who access it, and the computers and programs used to access it, among hundreds of other customizable parameters.

After implementation, our team of dedicated professionals provide 24×7, 100% onshore monitoring of your database environments and will alert you to any activities that violate your predetermined security parameters.

We also provide our customers with ongoing database security services. Find out more about these in our next video!

The post Customizing a Database Activity Monitoring Solution: Database Activity Monitoring Series pt. 2 [VIDEO] appeared first on Remote DBA Experts.

What is Database Activity Monitoring?: Database Activity Monitoring Series Kick-off [VIDEO]

Fri, 2014-06-20 13:56

Today we're kicking off a series on Database Activity Monitoring. As your database administrators, safeguarding customer data is our highest priority. That’s why we offer 24×7 Database Activity Monitoring services, which allow organizations to gain full visibility into all database activity.

At RDX, we’ve partnered with McAfee, the world’s largest dedicated security company, to bring our customers the highest level of database activity monitoring. RDX has integrated the features and functionality provided by McAfee’s database security products into its support environment to give our clients visibility into all database activity, including local privileged access and sophisticated attacks from within the database itself.

Not only that, we help you save money on a security monitoring support architecture, because our Proactive Monitoring and Response Center provides 24X7, real-time security alert monitoring and support by around-the-clock staff members who are onsite, onshore, and 100 percent dedicated to protecting your organization's core assets..

This constant monitoring also helps us receive alerts of attacks in real time and terminate sessions that violate predetermined security policies.

We customer tailor a database activity monitoring solution to fit each customer’s unique needs – which we'll touch on in our next video!
 

The post What is Database Activity Monitoring?: Database Activity Monitoring Series Kick-off [VIDEO] appeared first on Remote DBA Experts.

What is Database Activity Monitoring?: Database Activity Monitoring Series Kick-off [VIDEO]

Fri, 2014-06-20 13:56

Today we're kicking off a series on Database Activity Monitoring. As your database administrators, safeguarding customer data is our highest priority. That’s why we offer 24×7 Database Activity Monitoring services, which allow organizations to gain full visibility into all database activity.

At RDX, we’ve partnered with McAfee, the world’s largest dedicated security company, to bring our customers the highest level of database activity monitoring. RDX has integrated the features and functionality provided by McAfee’s database security products into its support environment to give our clients visibility into all database activity, including local privileged access and sophisticated attacks from within the database itself.

Not only that, we help you save money on a security monitoring support architecture, because our Proactive Monitoring and Response Center provides 24X7, real-time security alert monitoring and support by around-the-clock staff members who are onsite, onshore, and 100 percent dedicated to protecting your organization's core assets.

This constant monitoring also helps us receive alerts of attacks in real time and terminate sessions that violate predetermined security policies.

We customer tailor a database activity monitoring solution to fit each customer’s unique needs – which we'll touch on in our next video!
 

The post What is Database Activity Monitoring?: Database Activity Monitoring Series Kick-off [VIDEO] appeared first on Remote DBA Experts.

Customizing a Database Activity Monitoring Solution: Database Activity Monitoring Series pt. 2 [VIDEO]

Fri, 2014-06-20 13:32

Real-time monitoring means constant protection from potential threats, and at RDX we customize database activity monitoring to fit our customers’ unique security requirements.

First, we hold fact finding meetings during the customer integration process to learn our customers’ database security requirements and internal practices. Then we educate our customers on the installation and configuration of the security monitoring architecture which utilizes an RDX supplied security appliance.

Next, we work with our customers to determine which event notifications and escalation procedures are best for their database environments. They can set notification rules about the time of day a database is accessed, certain users who access it, and the computers and programs used to access it, among hundreds of other customizable parameters.

After implementation, our team of dedicated professionals provide 24×7, 100% onshore monitoring of your database environments and will alert you to any activities that violate your predetermined security parameters.

We also provide our customers with ongoing database security services. Find out more about these in our next video! 

The post Customizing a Database Activity Monitoring Solution: Database Activity Monitoring Series pt. 2 [VIDEO] appeared first on Remote DBA Experts.

Mobile applications can be a boon for businesses

Thu, 2014-06-19 11:32

As there are thousands of unique businesses active today, each providing specific services or products to consumers, creating mobile applications directly related to their practices seems feasible.

The task is of course easier said than done. Platform-as-a-Service offers organizations the environment in which to create smartphone and tablet tools. However, monitoring such a system will likely require the expertise of database administration services that specialize in cloud deployments.

Why mobile matters
Although having a mobile application won't wholly determine whether a company is successful or not, it wouldn't hurt it to have one. Harvard Business Review referenced a 2012 survey of 1,051 U.S. smartphone users aged 13 to 54 conducted by AOL and advertising agency BBDO. The study discovered that:

  • Nearly half (48 percent) of all consumers spent an average 864 minutes using their smartphones to seek entertainment.
  • Just under 20 percent spent time socializing with other people using the devices.
  • Approximately 12 percent leveraged their machines to find a product or service

Because smartphone purchase rates have been increasingly steadily each year, the manner in which the units are used is becoming more diverse. It can only be expected that people will continue to shop more on their phones, or at least search for items.

Constructing ubiquitous brands
Developing and launching unique mobile applications can help organizations boost their prevalence in the market. According to Natasha Clark, a contributor to BusinessTechnology, around 30,000 such tools are implemented every month, meaning that more competitors are trying to gain stronger favor among consumers.

Where does the market lie?
What kinds of applications a business develops depends on its primary practices and which consumers it's targeting. Companies in the service industry have acquired positive return on investment from the endeavor. Clark referenced a tool created by Eccleston Square Hotel in London, which provides guests with:

  • Room service
  • A map and direction feature
  • A popular attractions section
  • Dining recommendations
  • General hotel information

"Nowadays, people use mobiles more than the website on a desktop," said Eccleston Square Hotel Company Director Olivia Byrne told Clark. "Our app has lots more functions, and the fact that it stays on the phone after checkout is a constant reminder of our hotel."

Providing a solid platform
Depending on how complex and flexible enterprises want their mobile applications to be, it could be in their best interests to seek consultation from DBA services. The environments needed to create modern smartphone tools can be quite complicated, so having a dedicated team monitor them is essential.

The post Mobile applications can be a boon for businesses appeared first on Remote DBA Experts.

Manufacturers: The Internet of Things is here

Tue, 2014-06-17 12:58

All too often, the Internet of Things is referred to as an anticipated technology that manufacturers haven't quite figured out how to handle yet. However, production companies distributed throughout the United States are leveraging IoT to improve operations and maintain an accurate, real-time record of all assets.

Implementing hundreds of data-producing sensors across an entire factory necessitates the development of an environment that can adequately handle the information. Database administration has become a valued asset to thousands of organizations running analytics programs. For a company that focuses on how to better produce goods, outsourcing to to professionals specializing in DBA appears to be a viable option.

Supporting a new industrial economy
Strategy and Business noted that many economists have expressed optimism regarding the U.S. manufacturing economy. Specialists have cited competitive wages, factory construction and enterprises' desires to reduce supply chain expenses as reasons to celebrate.

Although the positivity has some grounds for support, the news source maintained that software and automation will be the primary drivers of the U.S. production industry's rebound. This shift in large-scale fabrication isn't necessarily supported by routine improvement of conventional operations, but spearheaded by fundamental changes in how the 21st century factory organizes itself.

An elemental transformation
Many contemporary factories are already operating under the guidance of software specialists. The best way to perceive the situation is to imagine that all the machines in a facility are connected to a single command center. If a sensor identifies an issue – minor or major – with a particular instrument, a notification is automatically delivered to the hub, where engineers can assess the problem remotely.

The proper way to leverage IoT
Although many manufacturers are leveraging IoT, those that are new to the process may be left befuddled by the seemingly endless vat of data at their disposal. DBA services can provide guidance to enterprises before utilizing data analytics and state-of-the-art software. In addition, AutomationWorld contributor Dave Greenfield outlined four steps every production company should take to effectively operate the technology:

  • Initially, combine three or four data sources.
  • Utilize qualitative data analysis software to identify patterns and obtain insights regarding the information
  • Present those insights to decision-makers in an understandable format
  • Share findings of the analytics programs in a timely fashion.

By following the aforementioned protocol and having remote DBA professionals monitor all activity, manufacturers will be able to effectively harness IoT data without obstruction.

The post Manufacturers: The Internet of Things is here appeared first on Remote DBA Experts.

Cloud computing changes the way DBA services regard database design

Mon, 2014-06-16 07:53

Cloud technology is changing the way database administration services approach database design. Software produced by Microsoft and Oracle is allowing these professionals to construct scalable, protected servers for their clients. 

A burgeoning market 
Why has this practice become so popular? Cloud computing has allowed organizations to create flexible environments in which they can run complex data analytics platforms, collect larger stores of information and enable their employees to access files form nearly every device. 

MarketsandMarkets conducted a study that showed the cloud storage market is anticipated to grow at a compound annual growth rate of 33.1 percent over the next five years. In 2019, the sector is predicted to be worth $56.57 billion. The primary drivers of this activity will be wide area network optimization, a desire to reduce IT infrastructure intricacy and inline compression. 

A new approach to design 
Now that the limitations of on-premise data centers are being surpassed, database experts are beginning to leverage cloud technology to construct platforms based on application usage, the amount and type of data (unstructured, semi-structured and structured) and how the environment will be used to conduct tasks. 

David Linthicum, a contributor to Datamation, claimed that one of the key benefits of constructing a cloud-based database is that it can be remotely managed and constructed by a group of trained professionals. That means the environment can be customized to the specific needs of the organization that is paying for it to be built. 

​Benefits and rules
Linthicum also noted that one of the key benefits of a cloud database is that service orientation is more sound and productive than conventional servers. Because cloud processing collects and consumes information in the database catalog, the data services can be reused multiple times with no detrimental consequences for the company utilizing the system. Linthicum outlined three general rules DBA services should keep in mind when implementing such a solution: 

  1. Cloud-based environments operate best as singular entities, therefore coupling databases is counterproductive. 
  2. As with any IT implementation, it's important to construct a security module. That being said, protective features should be integrated into the atmosphere as it's being formulated. Building an entire cloud database and then applying defensive applications goes against best practices. 
  3. Make it easy to scale up storage space so that influxes of data can be adequately handled. 

Hiring outside experts who know how to use database administration language is a good idea for enterprises interested in building a private cloud, or managing a public offering. 

The post Cloud computing changes the way DBA services regard database design appeared first on Remote DBA Experts.