In this 10 part series, we review the key components that are needed to formulate and apply a consistent, regimented cloud database security program that helps ensure data is only available through authorized access. Part 9 reviewed reporting recommendations. Part 10 below provides considerations for selecting security service providers and concludes the series.
Considerations for Selecting Security Service Providers
Establish your baseline requirements for cloud security service providers. Consider what policies are most important to your organization, if they are adequately covered by the vendor and whether customization is an option. Additionally, assess how information is gathered and stored as well as the level of work needed to integrate with your system and processes.
Pro tip: The number of policies a product currently has is less important than the vendor’s ability to consistently deliver the most relevant new rules and policy updates.
Sample questions to ask include:
- Is the tool designed specifically for the cloud or is it being retrofitted?
- How many security functions does the tool address? Do I need one tool or multiple tools?
- How is data presented? How detailed does reporting get? Summary vs. granular reports
- What types of reports are available? Audit, compliance, security/incident, technical and non-technical reports?
- Is trend analysis included?
- How are reports distributed?
- Does the vendor provide real-time activity monitoring and alerting?
- What type of data is collected and stored? Raw data vs. snapshot in time vs. policy violations vs. reports. Historical data vs. current data.
- How is data retrieved?
- How long is data stored and is it encrypted?
- Is the tool easy to use?
- What alerting integrations are available?
- Will using the tool save me more money in the long run?
Conclusion: Plan For Failure; Design For Success
There’s no shortage of ways to access data without authorization. Organizations must identify gaps in their security posture both internally and externally, quantifying risk as they go, in order to determine remediation measures and fortify their defense. Only by knowing how and where data is vulnerable can organizations continually mitigate risk and truly understand the overall effectiveness of their security posture. Automating as much of the process as is possible will enable operational consistency and increase security. A culture of security consciousness and a combination of training and tools are required to strengthen an organization’s collective understanding of how data could be accessed and the steps to take to protect it.
SecureCloudDB has been built to address the unique risks presented within a cloud environment. It offers both Foundational security in the form of asset discovery and secure configurations and Operational Security in the form of database activity monitoring (DAM). Both come with prebuilt and customizable rules, reports, and alerting SecureCloudDB also delivers users a proprietary security score based upon 4 separate security areas to help support constantly evolving and improving organizational security.
With SecureCloudDB, users can instantly:
- Apply a robust catalogue of security rules collected from CIS, AWS, industry experts, and global security leaders
- Locate and properly configure and protect all databases and backups
- Identify and mitigate vulnerabilities with the Security Violations Assessment
- Take the guesswork out of fixing issues with remediation guides
- Stop attacks in their tracks with real-time Database Activity Monitoring and alerting
- Track risk by category and in aggregate to benchmark risk levels and demonstrate improvement as security increases.
- Take advantage of time-saving and easy-to-use dynamic dashboards and reports.
We provide all of this by leveraging both the cloud providers’ APIs and our own light-weight proxies in the form of a self-updating, zero touch agent that does not require opening up access to your databases in unsafe ways. These simple proxies push security data safely from the database and are rolled out using one-click CloudFormation Templates. True “Zero Knowledge” and non-intrusive techniques are utilized. All checks are performed externally without elevated privileges and the target cloud database is not affected.
The team behind SecureCloudDB has more than 60 years of experience building and running security solutions and prides itself on solving the biggest problem in public cloud: keeping valuable data safe.
Hack-Proof AWS Databases in the Public Cloud
✔ Stop attacks in their tracks with real-time Database Activity Monitoring
✔ Control vulnerabilities with the Security Violations Assessment
✔ Demonstrate on-going progress with dynamic Risk Assessment Scoring