The process starts with a comprehensive assessment of the database infrastructure. It is recommended to use non-intrusive monitoring tools to identify every database on the network and every application or user that is accessing them. Further, the database’s business purpose needs to be documented, the nature and sensitivity of the data stored in the databases determined, and proper retention policies established. It is also important to know what will be done with each database when its retention time has expired. Zombie databases that should have been decommissioned long ago are an open opportunity for attack because the database may not be properly patched, credentials may not have been updated and no one is actively monitoring the database activity.

Once policies are established and the verification of all databases is complete, financial organizations should then continuously monitor these databases throughout their lifecycle to ensure policies and procedures are updated and effectively enforced. The key to stopping serious data breaches is paying specific attention to who is using or accessing a database, how it’s being used and identifying key changes in use patterns. Identification of an unknown user or uncommon usage pattern may be a sign that there’s a malicious attacker on the network.

Zombie databases are particularly vulnerable to insider threats, advanced persistent threats and compromised credentials. Attackers can use them as an open door to get access to other databases and potentially private financial information across the network.

In a similar fashion, rogue databases can present a large and very high-risk attack surface as well. These one-off databases may have been commissioned during the development phase of a new application and connected to the network without the IT team being aware of their existence. While developers may think they are doing something innocuous, without IT going through the proper lifecycle steps, the data won’t be properly protected. Private data on these rogue databases resides outside the scope of the security team, leaving the organization highly vulnerable. Without intelligent monitoring to identify when a new database is active on the network and to check the database against current data asset inventory, it’s not possible to properly secure its data.

With so much attention focused on securing the perimeter, mobile devices and the cloud, financial services IT teams risk ignoring the security of their organizations’ crown jewels – all of the databases residing on their network. In order to prevent a serious data breach, every database needs to be identified, inventoried, continuously monitored and retired if not in use. It’s extremely critical for the protection of sensitive information for IT teams to be aware of who is accessing a database, what each database is used for, and to ensure data is protected for the lifetime of the database. Without a comprehensive database monitoring model in place, financial institutions run the risk of a serious breach of information and becoming front page news.

Steve Hunt is president and COO for DB Networks. He can be reached at 800-598-0450 or [email protected].

Join us in Dallas at the new Credit Union Times Fraud: Don’t Let It Happen To Your Credit Union Conference, where you will find the latest tools and techniques for preventing fraud and data breaches; strategies for responding in the immediate aftermath and best practices for restoring reputation, financial stability and information security. This two-day conference is designed for credit union executives, board of directors and those responsible for your credit unions cyber security policy. Register to attend and save $150.