Protect My Database offers a real-time usage approach to continuous monitoring which is identified as one of six steps in the Risk Management Framework (see diagram below) described by the National Institute of Standards and Technology. The overall objective of a continuous monitoring program is to act as a tool for checks and balances to validate that security controls within an information system continue to be effective over time. Continuous monitoring is a critical process in assessing the security impacts on an information system resulting from the threat space.
The ongoing determination and acceptance of information system security‐related risks remains the primary responsibility of IT and IS departments. Continuous monitoring activities, like those provided by Protect My Database, contribute to helping make a more holistic security system but certainly do not replace the general front end security authorization process.
Continuous monitoring is an important component in the risk management process, however in and of itself, does not provide a comprehensive, enterprise‐wide risk management solution, but rather, it should be used along with front end security programs.
Front‐end security focuses on building security into information technology products and systems early in the system development life cycle. Better front‐end security results in fewer weaknesses and deficiencies in information systems, directly translating to a lesser number of vulnerabilities that can be exploited by threat sources. Back‐end security, exemplified by Protect My Database’s continuous monitoring solution, focuses on the effectiveness of the implemented security controls by monitoring data usage activities and ultimately identifying any misusage of data.
A well‐designed and well‐managed continuous monitoring program can effectively transform an otherwise static risk determination process into a dynamic process of checks and balances that provides near real‐time security status‐related information to authorized employees on a real-time basis. Understanding the security state of information systems is essential in protecting the sensitive nature of data and protecting the intellectual property. Should data leakage occur due to weaknesses in the front end, Protect My Database’s continuous monitoring solution will identify leakage so that proper mitigation activities can occur to eliminate data leakage/loss.
We invite you to review the continuous monitoring programs and services we provide to help safeguard your database assets. Contact the team at Protect My Database to put our expertise to work for you.