Home Sponsored Announcements 7 Ways to Ward Off Insider Threats

In this article, Tim Macdermid from MarkLogic outlines the steps organisations need to take to ensure the data itself stays secure within the database.

We hear regularly about confidential information leaking into the public domain by organisations thought to have the toughest security in place. In fact, sixty-nine percent of enterprise security executives reported experiencing an attempted theft or corruption of data by insiders in the past year, according to Accenture and HfS Research.

Add in the numerous other breaches reported of late and the message is clear: securing the perimeter doesn’t always work.

Since the database sits at the core of any enterprise operation – and as it is responsible for leveraging and sharing data securely and privately across internal and external borders – it arguably holds the most power and requires the most protection from the growing issue of insider threats.

Here are steps organisations can take to ensure the data itself stays secure within the database:

  •     Advanced Encryption:  This sophisticated level of encryption protects data from hackers and insider threats using standards-based cryptography, advanced key management, and automatic and fast granular key rotation. It helps to provide separation of duties between the security administrator and any system, network, or database administrator – a key security principle.
  • Element Level Security:  Allows specific elements of documents to be hidden from particular users, providing an even more granular level of security over traditional document-level security. The increased line by line granularity means greater data protection.
  • Redaction:  Eliminates the exposure of sensitive information, such as personally identifiable information. Redaction does this by removing, replacing, or blocking out sensitive information in order to prevent leakage or the violation of laws or regulations. Most importantly, it gives organisations the assurances they need to share data safely.
  • Standards Focus:  Standards Focus security includes features like Common Criteria Certification, compartment security and data auditing, as well as strict access controls and authentication that works with the organisation’s existing IT infrastructure. Common Criteria is an internationally recognised International Standards Organisation (ISO/IEC 15408) used by governments and other organisations to assess the security capabilities of technology products.
  • Principle of Least Privilege:  The requirement that within a particular layer of a computing environment, a user, program, or process only has access to the information and resources necessary to do the job. This includes app security controls around APIs and security capabilities as provided by the database.
  • Effective Data Governance Policies:  It’s important to implement and follow effective data governance policies and best practices such as maintaining access controls, metadata, data quality, and security features. When attributes can travel with the data, as is the case with an operational and transactional enterprise NoSQL database platform, then the policy enforcement can be more granular and effective.
  • The Strongest Available Authentication:  Using the strongest or highest level of authentication ensures the security and quality of the data. Examples of this type of authentication include, LDAP, Kerberos and an external Key Management System.

We live in an era of constant data breaches that often occur from within an organisation. But deploying the latest in data security technologies can help organisations protect against insider theft and negligence. MarkLogic’s industry-leading data security features like advanced encryption, element level security and redaction mean that customers can be confident that their data is not only highly available and manageable, but secure as well.

For more information about MarkLogic 9 – the latest release of next generation database technology – visit www.marklogic.com/what-is-marklogic/whats-new.

About MarkLogic

For over a decade, organisations around the world have come to rely on MarkLogic to power their innovative information applications. As the world’s experts at integrating data from silos, MarkLogic’s operational and transactional Enterprise NoSQL database platform empowers our customers to build next generation applications on a unified, 360-degree view of their data. Headquartered in Silicon Valley, MarkLogic has offices throughout the U.S., Europe, Asia, and Australia. For more information, please visit www.marklogic.com.

For further media information, interviews or images, please contact: Dana O’Neill, PR for MarkLogic, dana@speakeasystrategies.com.


With 4 keynotes + 33 talks + 10 in-depth workshops from world-class speakers, YOW! is your chance to learn more about the latest software trends, practices and technologies and interact with many of the people who created them.

Speakers this year include Anita Sengupta (Rocket Scientist and Sr. VP Engineering at Hyperloop One), Brendan Gregg (Sr. Performance Architect Netflix), Jessica Kerr (Developer, Speaker, Writer and Lead Engineer at Atomist) and Kent Beck (Author Extreme Programming, Test Driven Development).

YOW! 2018 is a great place to network with the best and brightest software developers in Australia. You’ll be amazed by the great ideas (and perhaps great talent) you’ll take back to the office!

Register now for YOW! Conference

· Sydney 29-30 November
· Brisbane 3-4 December
· Melbourne 6-7 December

Register now for YOW! Workshops

· Sydney 27-28 November
· Melbourne 4-5 December



Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips



Popular News




Sponsored News