Alan Greenspan, former Chairman of the US Federal Reserve, said of the recent global banking crisis
“It’s human nature. Unless somebody can find a way to change human nature then we will have another crisis. This crisis will happen again” (Reuters September 9, 2009).
The same risk which exposed banks worldwide to the abuse of human nature also applies to anyone who has access to, or can access, any database. Greed, Revenge, Economic Hardship, Planned Fraud, Crime and Dishonesty are also key human attributes which can be proven to have perpetrated some of the major data breaches which have happened in the last few years which could potentially threaten the source of every database of every organisation today.
If someone has the ability, the desire and, more importantly, the opportunity to fraudulently or maliciously change the content or security structure of an organisations databases for their own personal gain, or to the detriment of an organisation, they will. That is why Audit Committee Chairmen, Board Directors and the Internal Audit, Risk & Compliance, Data Protection, Financial Crime, Fraud and IT Security functions within many organisations need to have independent controls away from the operational side of the business to immediately report the source of anything happening on their databases which could affect both the integrity and sustainability of the organisation.
So, whether it is the audit observation of an external audit firm or the regulatory requirement of an industry governing body, having independent database activity monitoring and database vulnerability & configuration controls on your databases is more than just good business practice – it protects your organisation against the ultimate impact of database abuse.
Do not become another statistic on a data breach website, in the local news or even in the global news. Take actions now to ensure that you have the best, cost effective solutions in place to help prevent theft or misuse of your data. Contact Cervello Consultants to help you devise your data audit solution.