Home > In the News > Imperva Provides 360 Degree Protection Against Insider Database Threats

Press Release

May 27, 2009

Imperva Provides 360 Degree Protection Against Insider Database Threats

Press Release

May 27, 2009

SecureSphere Database Firewall Locks Down and Locks Out Privileged Users that Violate Security Policies

Redwood Shores, Calif., May 27, 2009 – Imperva®, the data security leader, today announced new insider abuse protection capabilities for its SecureSphere Data Security Suite and Database Firewall solutions. In addition to its existing network-based monitoring and blocking of unauthorized activity by trusted insiders, SecureSphere can now terminate local user activity and quarantine user accounts in the event of a security policy violation. This extends Imperva’s unmatched database protection to a full 360 degrees.

The current economic recession is straining employee-employer loyalties and raising the threat that insiders may abuse their data access privileges. Earlier this month, the former IT director for a nonprofit organ and tissue donation center pleaded guilty to a charge that she broke into the organization’s computer network and deleted organ donation database records, invoice files, and database and accounting software. These types of incidents reinforce the need for database activity monitoring that is divorced from the server so it can not be disabled, and spans all user groups, including those with elevated privileges like database administrators.

“SecureSphere has always provided the most complete network-based database protection capabilities for privileged and non-privileged users, as well as some core local activity monitoring,” said Amichai Shulman, CTO of Imperva. “To address the growing risk of insider abuse, we have boosted SecureSphere’s ability to detect, block, and prevent subsequent attempts by privileged users to breach security policies through direct access to the database server. With local activity termination and user account quarantine, we truly provide 360 degree data protection.”

Local Lockdown

To protect sensitive database records from intentional or unintentional abuse by insiders, SecureSphere can terminate unauthorized activity by privileged users even when these operations take place directly on protected servers. SecureSphere enables security teams to create very granular security rules to define acceptable use policies for users with elevated privileges such as database administrators. In the event that a policy is violated, SecureSphere prevents the activity from occurring. SecureSphere can be configured to block a single unauthorized event, as well as prevent new connections from the same user. This ensures that a user who has violated security policy remains blocked when accessing the database via an application which can automatically renew its connections.

Quarantine Suspicious Accounts

In addition to local activity termination, SecureSphere can quarantine users by removing their RDBMS privileges. Privileged account quarantine not only ensures that a specified user is unable to execute any further actions, but also removes their ability to login to the database. To reinstate a quarantined account, a security review is required before it can be reactivated. This capability allows IT security departments to stop insider data breaches at the source, and prevent any subsequent attempts by the same individual to compromise the company’s assets.

Pricing and Availability

The Imperva SecureSphere Database Firewall, also offered as part of the Data Security Suite, with local activity termination and user account quarantine is available immediately from Imperva and its business partners worldwide. Pricing starts at $45,000 USD.

About Imperva

Imperva, the Data Security leader, enables a complete security lifecycle for business databases and the applications that use them. Over 4,500 of the world’s leading enterprises, government organizations, and managed service providers rely on Imperva to prevent sensitive data theft, protect against data breaches, secure applications, and ensure data confidentiality. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring from the database to the accountable application user and is recognized for its overall ease of management and deployment. For more information, visit www.imperva.com.

# # #

Imperva and SecureSphere are registered trademarks of Imperva, Inc. All other brand or product names are trademarks or registered trademarks of their respective holders.

Editorial Contact

Neil Stinchcombe, Eskenzi PR Ltd.
Tel: +44(0)2071 832 833
neil@eskenzipr.com

Press Contact

impervaPR@imperva.com

This is for media inquiries only. For product and sales, please call: +1.866.926.4678.

Contact PR

The importance of a resilient CDN for digital performance

Imperva named a security leader in the SecureIQlab CyberRisk Report

IDC Spotlight: Effective Multicloud Data Security

Global DDoS Threat Landscape Report

The State of Security within eCommerce 2022

Imperva reimagines partner program: Imperva Accelerate

Protect your Cloudera data with Imperva

Quálitas continues its quality services using Imperva Application Security

Discovery Inc. tackles data compliance in public cloud

New Vulnerability in Popular Widget Shows Risks of Third-Party Code

Cyber Threat Index

Browse the Imperva Learning Center for the latest cybersecurity topics

Imperva ESG Reports