Chief Information Security Officer at a computer software company with 51-200 employees
Real User
Top 20
2023-07-11T09:31:00Z
Jul 11, 2023
We are a healthcare company and data breaches are the only real risk that we are afraid of. We hold a lot of sensitive customer data and cannot afford a data breach. We haven't had issues with downtime, but data breaches are a concern. Third parties access our production environment, so it's a challenge to manage the data flows. It was challenging to keep track of where our personally identifying information is located and who is accessing it. We are potentially exposed if someone is abusing the data located in the production environment. We need an accurate accounting of all the third parties using our PII and the associated risks. For example, if someone is moving production data to a lower-level environment or a testing environment, this is a huge risk because it involves multiple consultants and potential violations of our contractual obligations. Flow Security is fully cloud-based, but there is also an on-premise component that enables us to keep sensitive data within our internal environment. Our cloud security team implemented the system. About six admins are responsible for the solution. The cloud security team owns and maintains the system, but the SecOps team checks the alerts and responds. Members of our compliance team also have access.
What is database security? Database security consists of a range of security controls, tools and practices designed to protect the database management system (DBMS). There are several security measures your organization should implement, from protecting the physical infrastructure holding the servers to securing the network and access to the data.
Database security tools and practices should protect:
Data inside the database
The database management system
Data in transit from and to...
We are a healthcare company and data breaches are the only real risk that we are afraid of. We hold a lot of sensitive customer data and cannot afford a data breach. We haven't had issues with downtime, but data breaches are a concern. Third parties access our production environment, so it's a challenge to manage the data flows. It was challenging to keep track of where our personally identifying information is located and who is accessing it. We are potentially exposed if someone is abusing the data located in the production environment. We need an accurate accounting of all the third parties using our PII and the associated risks. For example, if someone is moving production data to a lower-level environment or a testing environment, this is a huge risk because it involves multiple consultants and potential violations of our contractual obligations. Flow Security is fully cloud-based, but there is also an on-premise component that enables us to keep sensitive data within our internal environment. Our cloud security team implemented the system. About six admins are responsible for the solution. The cloud security team owns and maintains the system, but the SecOps team checks the alerts and responds. Members of our compliance team also have access.