Database ID checks to ease security headaches

Better systems are needed to identify who is accessing data and why, according to tools firm Embarcadero

Firms are struggling to ensure the security of their data and many have created a new role of chief data officer to ensure they comply with the law, according to Greg Keller, vice-president of product management for database tools specialist Embarcadero Technologies.

Keller told IT Week that the increasing sophistication of criminals attacking databases means that database vendors must make a greater effort to ensure their products are kept secure.

To combat the problem, firms should install software that asks who, what, where, when and how users are accessing data in the organisation, Keller added. They should also implement best practices to ensure "the organisation gets up to speed in protecting itself from itself", he said. "Three years ago [IT systems were] all about availability [of data] but now that's a given and it's [about] limiting unwarranted access and ensuring compliance, and the database administrator is on the front line."

Due to the separation of duties required by legislation such as the US Sarbanes-Oxley corporate governance law, some companies have also been forced to remove some responsibilities from the chief information officer, creating a new role of chief data officer to manage the their data and ensure its security, added Keller.

In separate news, Embarcadero has announced it will launch two new products this July – version 7.1 of its ER/Studio data modelling tool including a new data security feature; and its Performance Centre 2.0 performance management offering, featuring new DB2 support.