Aberdeen Group Reports that Best-in-Class Organizations who Implement Internal Controls Suffer Fewer Data Loss Incidents

REDWOOD SHORES, Calif., December 10, 2008 – Imperva®, the leader in application data security, today announced that key findings in a new independent benchmark report conducted by Aberdeen Group reveal that monitoring privileged database users significantly reduces data loss. In a newly published survey report of more than 120 enterprises entitled ‘Protecting the Database: When (Most of) the Eggs are in One Basket,’ two thirds of the organizations rated Best-in-Class who monitor privileged insiders suffered fewer data loss incidents. The report was sponsored by Imperva.

Of the Best-in-Class organizations surveyed by Aberdeen, two thirds reported that they:

  • Monitor database administrator activities
  • Enforce separation of duties for database administrators
  • Block database activities that are in violation of established policies

In comparison, less than one third of organizations ranked as Laggards in the survey monitor privileged insiders.

Organizations with Best-in-Class performance at protecting the database enjoyed substantial year-over-year advantages over those with lagging performance, including:

  • 8% fewer incidents of data loss or data exposure related to database security
  • 10% fewer audit deficiencies related to database security

“In this study, respondents estimated that databases are the repository for nearly two-thirds of their sensitive data, so it’s no surprise that the results show organizations that monitor privileged user activity suffer fewer data losses,” said Derek E. Brink, vice president and research fellow for IT Security, Aberdeen. “The payoff for monitoring insiders can be significant from several perspectives, including security, risk management, compliance and cost.”

“This Aberdeen report establishes and quantifies the risk organizations are taking by not monitoring the actions of privileged insiders, as well as the payback for companies that implement database activity monitoring,” said Mark Kraynak, senior director of strategic marketing for Imperva. “Unlike native database auditing mechanisms, a database monitoring product like Imperva SecureSphere cannot be turned off by a privileged user or database administrator to cover up illicit activities.”

To download a complimentary copy of the report ‘Protecting the Database: When (Most of) the Eggs are in One Basket’ please visit: visit http://www.imperva.com/go/aberdeen .

About Imperva

Imperva, the Data Security leader, enables a complete security lifecycle for business databases and the applications that use them. Over 4,500 of the world’s leading enterprises, government organizations, and managed service providers rely on Imperva to prevent sensitive data theft, protect against data breaches, secure applications, and ensure data confidentiality. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring from the database to the accountable application user and is recognized for its overall ease of management and deployment. For more information, visit www.imperva.com.

# # #

Imperva and SecureSphere are registered trademarks of Imperva, Inc. All other brand or product names are trademarks or registered trademarks of their respective holders.

Editorial Contact

Marc Gendron
(781) 237-0341
marc@mqpr.net