All Posts By: MarkTrinidad

What Every Database Administrator Should Know About Security

[The following is excerpted from "What Every Database Administrator Should Know About Security," a new report posted this week on Dark Reading's Database Security Tech Center.] To say that there is friction between security professionals and database administrators (DBAs) is putting it mildly. Database administrators are both the caretakers of database platforms and the managers of data. Very seldom are they also security experts. In many enterprises, the DBA and the security team find themselves at odds because the DBA is…


De-FUD-ing Privileged User Management

I am proud to write this column for Dark Reading. The biggest reason is I get to share two decades of stuff I’ve seen with databases and security with you, and it starts really good conversations every time I attend security conferences and meet readers face-to-face. I can share perspective, help clarify issues around database threats, and explain the pros and cons of database security products. On occasion, I even get to call BS on things I believe only confuse DBAs and…


Commercial Privacy Bill of Rights or Wrongs? Team Shatter Exclusive


Let’s take a closer look at the recently proposed Kerry-McCain Consumer Privacy Bill of Rights 2011 and what it means to database security, risk and compliance (SRC).  You can read the full text here from Senator Kerry’s website.  As I start to review the bill, I am keen to reference the Schoolhouse Rock, I’m Just A Bill video since this particular bill may not go anywhere in its current form, as other bills have done in the past. So what…


PCI DSS 2.0: Is it 2.0 worthy? Team Shatter Exclusive


It’s just about two months since PCI DSS 2.0 was released. And it wasn’t that hard to digest the new changes. You can read the summary of changes directly from the PCI SSC website or have a look at a nice summary of changes from Branden Williams. Yes or no? Is this updated version worthy of a 2.0? I would say no. Sure, some clarifications were made about technology and about specific wording in the test procedures themselves, but no, this…
