- Forrester Councils
- Councils Overview
- log in
Posted by Andrew Jaquith on March 3, 2009
In the next few weeks, Forrester Research will release my report, Forrester TechRadar: Database and Server Data Security, Q1 2009. In this report, we describe how the risks of theft, corruption and abuse has made securing data stored on servers and in databases much harder. To help security and risk professionals plan their next decade of investments in server data security, the report describes current and future state of 8 important technologies: centralized key management, data classifiers for security, data discovery scanners, data obscurity tools, database activity monitoring, database encryption, outbound web application filtering, and tape and backup encryption.
As part of the process of researching some of the business drivers for this report, I analyzed data from DataLossDB, a public database containing information on data loss events reported in the press and to governmental organizations as required by various disclosure laws. The data makes for fascinating study, and I urge our readers to take a look at it if they want to see what's been going on in the whole area of data breaches. Best of all, I know some of the principals involved in the project, and they are doing a terrific job.
Some of the analysis nuggets we mined from the database are fascinating. I thought I'd share one here, as excerpted from the report:
So the punchline is this: if you believe the numbers (and my analysis), servers tend to be 8-10x more radioactive than endpoint computers. I will likely be recommending a few methodological changes to the DataLoss DB schema to capture a few more pieces of information and make analyses such as mine more credible.
In the meantime, I'd love to hear from blog readers on the subject of data breaches. What kinds of data are "toxic" for your organization? How are you protecting them? We'd like to hear from you.
Lead BT Transformation
Develop customer-obsessed strategies to drive growth »
Forrester's CX Index
Predict how actions to improve CX will affect revenue performance.
Measure the customer experiences that matter most »