Data Breach Prevention

A data breach is the single most devastating security event that an organization can endure. A high-profile breach of sensitive data—such as credit card or social security numbers – can lead to brand damage, lawsuits, and fines. Over three hundred million sensitive records were compromised between 2005 and 20101, underscoring the severity of the threat.

Data breach prevention To prevent a financially damaging data breach, organizations must protect their application, file, and database data from the following security risks:

Hacking and external threats
Insider threats
Application vulnerabilities due to ineffective secure Web development processes

To address these security risks, organizations must follow security best practices and implement practical and effective safeguards to mitigate internal and external attack vectors.

Key Drivers

Hacking and External Threats

Web applications are a prime target for attack. Applications often contain sensitive data such as credit card numbers, bank account information, and Social Security numbers, and they are typically riddled with vulnerabilities. To address external threats, organizations must protect against known, zero-day and automated attacks, prevent data leaks, safeguard HTTP and SSL-encrypted applications, and protect application data that is stored in databases.

Insider Threats

For most organizations, the greatest threat comes from within. Protecting sensitive data is essential to any effective security or compliance strategy. Traditional network security controls simply don't protect sensitive data from insider threats. Organizations need purpose-built data security solutions that can detect, prevent, and continually audit how users, including privileged users, interact with sensitive data. By monitoring and enforcing database, file and application access at the data level, organizations can effectively control insider threats.

Secure Web Development

Research indicates that over 80% of Web sites have had high, critical, or urgent vulnerabilities.2 New attack methods, such as published attack tools and search engines, have made it easier for even novice hackers to find and exploit vulnerabilities. Based on these serious security threats and the high prevalence of application vulnerabilities, organizations need to undertake secure application development processes, accelerate application fix cycles through virtual patching, and pinpoint application errors and vulnerabilities discovered by application monitoring.

Related Products:

Database Security
Product Name:	Capabilities:
SecureSphere Database Firewall	Monitor and optionally block unauthorized database activity Alert on material variances of profiled user behavior Prevent sensitive database data leaks
SecureSphere Discovery and Assessment Server	Automate data discovery and classification Assess databases for vulnerabilities Prioritize security risks
User Rights Management for Databases	Aggregate access rights across databases Remove excessive rights and dormant users

File Security
Product Name:	Capabilities:
SecureSphere File Firewall	Monitor and optionally block unauthorized file activity Investigate and respond to incidents with advanced analytics and reporting Prevent sensitive file data leaks
User Rights Management for Files	Aggregate access rights across file servers Remove excessive rights and dormant users

Web Security
Product Name:	Capabilities:
SecureSphere Web Application Firewall	Block known and zero-day attacks using white list and black list security models, protocol validation, and correlation Stop automated attacks with ThreatRadar Prevent sensitive file data leaks
ThreatRadar	Detect and block known malicious sources Identify phishing attacks