Bankers would be considered negligent if they locked a bank's outer doors and left the vault door open at night. Likewise, it doesn't make sense for an enterprise to lock down the network and leave databases vulnerable. Selectively protecting your most sensitive data that is at rest in databases from unauthorized access is critical, since that is where 90% of sensitive information resides.
There is an important distinction between network security and data security. Database security does not supercede other security technologies, such as network-layer firewalls, network monitoring, SSL-secured communications, operating system and application hardening. But data protection needs to be in place as the core element of a complete enterprise security infrastructure. There is a growing awareness of encryption technologies as tools to protect critical corporate data.
The article continues at