Posts Tagged ‘Database’


For those who can not join us for the end user and channel partner product seminar session, please see the summary and highlight clip for the event.

For further information, please contact us or visit to our website on http://www.e-spincorp.com

Read Full Post »

Giving you a better picture of your Data

It was Ronald Reagan who said “Information is the oxygen of the modern age” and although it was at a time where virtual data was incomparable to what it is now – it has only become more evident how true those words were. In 2010 Verizon’s Data Breach Investigation reported an astounding 92% of all records comprised stemmed from database breaches (which comprised the majority of breaches at 25%), a marginal increase from the 2009’s 75%.

Organizations store data ranging from customer records (credit card numbers, billing information), employe records (salary, PII) and finances (revenue, assets, proprietary data). All of which is highly damaging if in the wrong hands. All of this makes it a highly enticing target for malicious attacks. With the increasing complexity of databases and applications directly interacting with them leading to the people responsible having no idea where their databases are or how secure their configurations are. Another issue on the rise in recent times is the greater demand for uptime of services leads to organizations holding off on patching vulnerabilities in favor of meeting up-time goals.


McAfee’s Security Scanner (DSS) aims to alleviate the headache for database personnel by providing three key features. DSS acts as a tactical database scanner seeking out database throughout the entirety of your network ensuring a global picture is developed. A clear view into the organization’s security posture with the capabilities to thoroughly check for over 3,500 vulnerabilities, and lastly to provide actionable data to address discovered risks.

DSS’ ability to discover databases provides an unmatched ability to not only seek and discover, but to highlight areas of key critical data such as PII, in-depth information about patch status, and security compliance levels. Its reports are built upon the concept of “less is more”, providing detailed priority levels of each threat based on advice from experts in the database security audit field combined with fix scripts wherever possible.

The entirety of these features are made available through a detailed centralized database browser allowing users to concurrently view hundreds of databases saving hours of work.

Read Full Post »


As organizations gear up for web applications or various application that make use of RDMS backend database. Database Availability become a issue that will contribute for application availability, security and performance.

This round let look into area that always no so well reports, i.e. database house keeping and why you need to do it often to prevent application downtime due to database availability or performance issues related.

Most people  will start to realize database started growing like crazy, it will go wild if you not do routine house keeping to make it contain in healthy size, which will consume a lot of resources that something at expense of application availability.

When database is growing into size that over taking the application in term of system resources consumption, it is the time it give you the warning you got to do something and database house keeping always in the task list.

Below is few handy and practical tips you may use it to contain your database size.

1. Set the benchmark measure how much data you need to keep in database. You can keep archive out and purge out the database once it reach said your 90 days threshold, those data should remove out from production database.

One good practice I usually see from professional managed companies is that once they  generate reports required, they remove them out from production database. Production database is there to serve operation, it deal with operation data that occur now and need to receive and passing those data at  very fast turn around time. So, just to ensure your application continue to serve you well, off loading old data out from your existing production database.

How frequent it need to do database housekeeping? This is also a common questions being ask. It all depend on whether you are running dedicate database with the application or shared database to serve various application servers. The time data build up within database is another consideration factors. Application that have only one instance of data recording and those that keep thousands of data recording will have different time frame require to perform house keeping before database become the factor that bring down your application. For some, 3 months and other 1 year, it all depend on the database size and the time it take to accumulate data within database.

2. Slicing data one range at a time. One of the practical way to handle database housekeeping is slice data range by range instead of select a very long range of data, where it take lot of resources. You may start by slicing maybe one date range to week, then month or even years, when you know about the database house keeping speed and performance.

Once your database is back to healthy performance state, ensure you keep the routine to do house keeping in the schedule manner.

Off course, out from above still have more ways to deal with database house keeping, such as upgrading to higher horse power system and invested in SAN for the database, but since those solutions look at upgrading the current system and invest in the state of the art new system, we rule them out from the topic, since here we are provide handy tips where no need to incur extra hardware or system, but your time to make sure your database is contain in the healthy performance level.

Read Full Post »

In today’s technology world, security for database has grown extremely. Data security has become an essential for every individual who connect and uses the internet daily to transfer their data. It is necessary to have a requirement which each aspect of the operation performed through internet.

Database Security

Database security is the system that controls the access to database at certain level. The privacy of data is at risk from unauthorized users, which is external sources on the network and internal users within the companies itself.

The above is the security risks that IT professionals should aware of to protect their databases:

i) Privilege Abuse:

When database users take the opportunity for excessive privileges that exceed the        requirements of their job, then these privileges can be deliberately or accidentally being abused.

ii) Legitimate Privilege Abuse:

Through this attack, the hacker with the legitimate privilege that access to the database may misuse the information which stored in the database for their purposes.

iii) Operating System vulnerabilities:

In operating system vulnerabilities, the hacker accomplishes the vulnerabilities in the operating system to let unauthorized access to the database for mischievous reasons.

iv) SQL Injection

It shows that SQL queries are capable to prevent from access controls, by passing through standard authentication, authorization checks and also do grant access to host operating system level commands.

v) Lack of Audit Trails

When proof is weak, hackers can easily get access to database by expecting the identity of the users with strategies which is social engineering and brute force.

To find out an approach to clarify the security threats, that can help your organization to meet your database security, compliance and reporting needs, explore the information given below:

Application Security, Inc. (AppSecInc) was founded in year 2001, AppSecInc was recognized as market leading database security, risk, and compliance solutions for the enterprise. AppSecInc empowers the organizations to protect their most critical database assets.

AppDetectivePro as the leading provider of cross platform solutions for the enterprise for auditors and IT advisors, and DbProtect for the enterprise – deliver the industry’s most comprehensive database security solution.

For more information about AppSecInc – AppDetective Pro and how E-SPIN may consult and assist you on the database security requirement, please contact E-SPIN or

please go to http://e-spincorp.com/espinv3/index.php/application-security

Read Full Post »