The ADC Change Management Module for SecureSphere

Having a change control process in effect for your IT
infrastructure is a daunting task. Change Management helps to relieve the chaos
in an IT infrastructure by having documented processes with how to deal with
patches, updates, new equipment requests, audits, and potential issues that
arise on a daily basis. Change Management is necessary when you have a large
environment and need accountability. Add to this the increasing regulations
placed on business, change control is moving into all areas of the IT
industry. One of the biggest assets of your company is your data. Is that data
protected by change control? If your data was compromised and rogue changes
were carried out, would you know? Does your change management system encompass
this level of protection? If not, Imperva has a solution for you at the
database level with their newly released module.

The ADC Change Management
Module for SecureSphere tracks any changes and/or modifications
that are made to a database’s columns, tables, and indexes in addition to
external objects such as configurations, executables (exe), and registry keys.
This type of change management is necessary in today’s economy due to the
stringent SOX and HIPPA compliance.

Amichai Shulman, CTO of Imperva and head of the
Imperva Application Defense Center says,“Monitoring, detecting, and recording
database changes is no longer just a security best practice, but a regulatory requirement
in many industries. The ADC Change Management Module for SecureSphere performs
the complex and manually intensive operations required to track changes,
identify unauthorized exceptions, and maintain audit-ready records of database
modifications.”

Having
a tighter control of who is accessing your database and the ability to track
movements makes this module so inviting. It allows you to have change
management at the full spectrum of your IT infrastructure.

For
example, adding a new user to the database is a common practice. The Creation
of system administration accounts on production systems is usually a simple
process. However, while creating an authorization and verifying that the
appropriate action was taken is easily traceable, there is usually no way to
detect if someone creates a user on the database without authorization. The
Imperva Change Management Module can monitor this action (or class of action)
and flag it as unauthorized. This is a type of change control that you could
not have prior to this module. It makes this module very powerful.

Another
example is creating or modifying database lever scripts. Databases rely on
various scripts and executables that run at elevated privileges for normal
operation. A rogue element may manipulate scripts or replace the default
executables with malicious ones to perform actions that are destructive. The
Imperva Change Management Module monitors the critical configuration files,
scripts and executables that may be manipulated and flags any changes made to
these.

According
to Mark Kraynak, Director of Product Marketing, “The goal of change management
is to minimize the negative impact of change-related incidents and improve IT
operations. Organizations often have change control processes in place for
general IT infrastructure changes, but lack the tools that can track database
changes in-depth; the result is a "blind spot" relative to how
critical data management systems are maintained.”

He
goes on to say that “SecureSphere tracks changes to databases at a granular
level that takes into account the unique context of how databases operate and
are managed. This provides the visibility to demonstrate the control needed
for regulatory compliance as well as helps the organization to avoid
change-related outages and security incidents.”

In a January 10, 2007, a report by Gartner said,
“Audit and compliance needs are driving new functionality in the areas of
broader change detection and reconciliation to approved change requests.
Configuration auditing can detect when configuration settings drift from
standard settings or policies, but change detection must be broader than what
is explicitly defined as the desired state.”

What
does the ADC Change Management Module do? It performs the following:

  • Performs an initial assessment that reads the state of critical
    objects (files, scripts and registry keys) on the system
  • Detects objects that were added to the system
  • Detects objects that were changed on the system
  • Detects objects that were removed from the system
  • Detects changes that occurred in the Windows registry for Windows
    systems
  • Monitors for the latest list of critical files necessary for
    system operation (based on continuously up-dated signatures from the Imperva
    Application Defense Canter)

The ADC Change Management Module supports the
following databases and operating systems:

  • Oracle files on Linux
  • Oracle files on
    Windows
  • Oracle registry keys
    (on Windows)
  • DB2 files on Linux
  • DB2 files on Windows
  • DB2 registry keys (on
    Windows)
  • MS-SQL files (on
    Windows)
  • MS-SQL registry keys
    (on Windows)
  • Sybase files on
    Windows
  • Sybase registry keys
    (on Windows)

About Imperva

“Imperva is the global leader in data security
and compliance solutions for the data center. The Imperva product line provides
an automated and transparent approach to protecting and controlling sensitive
data throughout transactional data systems. The Imperva database and Web
application appliances are deployed in leading financial, retail,
telecommunications, healthcare, and government organizations around the globe.
Founded over five years ago by Shlomo Kramer, recently named one of the 20 luminaries who changed the network
industry, Imperva is a solid, privately held company with growing revenues and
backing from Accel Partners, Greylock Partners, US Venture Partners, and
Venrock Associates. For more information, visit www.imperva.com.”

»


See All Articles by Columnist
Steven S. Warren

Steven Warren
Steven Warren
Steven S. Warren is a popular author residing in Winter Haven, Florida with his wife Danna and 2 children: Catie-Charlotte and Dain. As a columnist on such well-known IT web sites as Techrepublic.com, CNET, and ZDNET, Steven has published numerous articles. Additionally, Steven holds the following certifications: MCDBA, MCSE, MCSA, CCA, CIW-SA, CIW-MA, Network+, and I-Net+. As a Senior Technical Consultant for The Ultimate Software Group, Steven has become an expert at administering Microsoft networks including Microsoft SQL Server. He is also a computer hardware and troubleshooting expert, and is constantly seeking out new technologies and certifications. Additionally, Microsoft recently awarded him the Most Valuable Professional (MVP) award for his outstanding achievements. Steven resides in Winter Haven, Fl.

Latest Articles