Welcome!

Hi-tech Highway

Josh Litvin

Subscribe to Josh Litvin: eMailAlertsEmail Alerts
Get Josh Litvin via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Article

DBmaestro CEO: Database Development without Enforced Roles Is a Risk

Prevention of in-house changes by unauthorized users and misused credentials, vital to Database security.

DBmaestro (www.DBmaestro.com), a provider of DevOps for Database solutions held a year-end company function. CEO Yariv Tabac addressed the gathering and laid out his thoughts on the necessity of roles and responsibilities in Database development. "Companies must adopt a good database change policy which allows them to follow and monitor every change to the database and enforce it with a comprehensive end to end DECM (Database Enforced Change Management) solution", said Tabac. "Failure to do so opens up the database to a major security threat from within the company"

"Security is an integral part of the DevOps model", continued Yariv Tabac, "DevOps is not only for developers and operations but also security. It allows us to introduce security earlier in the development process, and increase the security of the code that ultimately reaches production. The earlier the security is injected, the more likely the product will be to hold up against an attack. A crucial security layer is the ability to prevent unauthorized changes to the database structure and the data it contains, including unauthorized changes by users who do have authorization to access the database."

Mr Tabac also questioned why databases compliance auditing is not standard, as it is with firewalls "The Database is one of the most significant and critical assets of any company. It is irresponsible not to include it in the auditing process. I predict a shift in the coming year towards an increase in Database auditing and I see the possibility of it becoming mandatory. Every change to the application structure must be documented for accountability, compliance and tractability of changes."

DBmaestro's enhanced security mechanism controls changes to Oracle database objects by letting you easily define a database change policy. This prevents undocumented database changes, controls who can do what, and records what they did and when they did it. It also enables the administrator to grant each user different access levels in different environments. DBmaestro's enhanced permission management facility provides you with full control over who can implement changes in a database. This lets the administrator proactively prevent unauthorized changes to database schemas and related objects by giving users permission to change only certain parts of each schema.

About DBmaestro

DBmaestro is the pioneer and leading provider of DevOps for Database solutions which enable control of databases. Its flagship product, DBmaestro Teamwork, is the leading Database Enforced Change Management (DECM) solution that empowers Agile team collaboration through enforcing change policy and best practices. DBmaestro Teamwork enables continuous development, continuous release and continuous deployment processes. This eliminates the number of potential risks threatening database development and deployment by 60% and reduces deployment costs by 95%.

 

DBmaestro's solutions are deployed at major international companies including VISA, MasterCard, Knight Capital, Thomson Holidays, Bank Leumi and others.

More Stories By Josh Litvin

Yaniv Yehuda is the Co-Founder and CTO of DBmaestro, an Enterprise Software Development Company focusing on database development and deployment technologies. Yaniv is also the Co-Founder and the head of development for Extreme Technology, an IT service provider for the Israeli market. Yaniv was a captain in Mamram, the Israel Defense Forces computer centers where he served as a software engineering manager.