In the context of new threats and trends in information security and the increasing role and diversity of data warehousing technologies, data protection issues are becoming particularly relevant today.
Comprehensive protection of corporate data storage
In modern conditions, any activity is associated with the operation of a large amount of structured and unstructured data used by different groups of users.Unfortunately, traditional data management methods and approaches based on business intelligence solutions and relational database management systems are ineffective. This is because today – in the era of polyglot persistence, to meet the different needs of database developers have to manipulate different technologies to work with them – from storage to management.
Each server in the corporate network is a potential target for a cyberattack due to several reasons (the presence of open ports to establish connections, the lack of necessary patches, the possible lack of activity monitoring). To effectively deal with cyberattacks, a flexible and configurable security system must be built, which allows to detect malware, suspicious data exchange, analyze the degree of danger and characteristics of the attack and the attacker, automatically modify the system according to security needs, etc.
All these factors dictate the need for new, more reliable database security tools that can meet the requirements for their performance and scalability. An example is virtual technologies, the emergence of which has intensified the direction of database development and outlined new prospects for their development for distributed parallel processing of large data sets and their secure storage.
How does VDR software provide corporate data security?
Data protection provides a new perspective in cloud computing. The organization may decide to store its data in a data room software, but then the division of responsibilities for data protection and consequences must be agreed upon. The first step performed by the user of cloud computing services is to properly classify the data and determine their relevance to the business and the risk in the event of leakage, loss, or damage.
Data Room providers try to provide all the necessary security measures, thus they provide the following services:
- authentication and authorization of cloud consumers using a pre-established access mandate;
- availability: configure/assign resources to restore, enhance, and connect new nodes to the cloud.
- confidentiality: detection and monitoring of virtual resources, monitoring of the functioning (actions and events) of the cloud, and generation of performance reports;
- identification management: providing the ability to quantify at the level of abstraction, the appropriate type of service (eg, storage, processing, bandwidth, and active user accounts);
- security monitoring and incident handling: determination of SLA parameters (Service Level Agreement), monitoring of SLA implementation, application of SLA following the set security policies;
- security policy management: development/application/audit/updating of security policies for users accessing clouds.
Ideally, the protection of data before uploading to the Data Room should be the responsibility of the consumer of virtual services. However, the provider must be held responsible for any data distortion or theft. As countermeasures can be used: encryption, but in this case, it is necessary to consider key management, where the consumer of cloud services or any third party manages the keys. If the keys are managed by the Data Room provider, then he is responsible for the control of the keys as well as the data. It should be mentioned, that encryption protects not only from theft of credentials but also from tampering with traffic.