Imperva Blog|Login|中文Deutsch日本語

White Papers

Selected Tag: Data Security | Show All

Download White Paper

How Malware and Targeted Attacks Infiltrate Your Data Center

Advanced targeted attacks leverage social engineering techniques and malware to bypass the security perimeter and compromise those individuals already on the inside of your enterprise. It only takes one infected employee to unknowingly unleash an attack on your entire network. This white paper will examine the seven stages of an advanced targeted attack, explore why traditional defenses, such as firewalls and IPS solutions lack the application and data focus needed to protect data center assets, and outline the functionality required to safeguard your organization from targeted attacks.

Tags: Malware, Data Security, Database Security, IPS, Firewalls

Download White Paper

Data Protection Under POPI

6 Step Data Privacy Protection Plan for the South African Protection of Personal Information (POPI) Bill

Is your organization ready to address the South African Protection of Personal Information (POPI) bill? POPI prescribes information protection principles to regulate collection and processing of South African citizens' personal data. In this paper, we review POPI's eight principles and discuss how best to address those with practical data security processes and solutions.

Tags: POPI, Data Security, Database Security, PII, Data Breach, Compliance

Download White Paper

SharePoint Governance and Security: Where to Start

SharePoint is a complex platform experiencing explosive growth in adoption, exposure, and storage of sensitive content. Consequently, SharePoint security and governance are under greater scrutiny at the executive level and require immediate mitigation actions. The phased, risk-based perspective outlined in this paper aligns investments and priorities to accomplish the greatest security return for existing SharePoint deployments. Security plans should include both preventative and analytical capabilities and incorporate automated tools to provide controls and information that cannot be addressed practically by native SharePoint functionality or corporate resources.

Tags: SharePoint, Data Security, Database Security, Government, Compliance

Download White Paper

Data Privacy: The High Cost of Unprotected Sensitive Data

Today, organizations face a heightened threat landscape with data breaches constantly on the rise. Financial records, medical records, personally identifiable information (PII), and other private business data exist in virtually every enterprise data center. Failing to safeguard the databases that store this information can damage your reputation, impact your operations, and result in regulatory violations, fines, and legal fees. This white paper will (1) present 6 steps to automate and enforce enterprise data privacy policies (2) identify the database security tools needed to accomplish each step (3) highlight Imperva's market-leading SecureSphere Data Security Suite.

Tags: Data Privacy, Data Security, Data Protection Plan, Database Security, Personally Identifiable Information, PII, Compliance

Download White Paper

Six Techniques for Mitigating Insider Threats

How do you protect business data from trusted individuals who choose to abuse their privileges for personal or financial gain? And, what about users whose computers or personal devices have been compromised by malware, giving hackers access to your sensitive business data? Start by asking yourself the six questions in this whitepaper to help your organization determine if you've got insider threats under control.

Tags: Data Security, Insider Threats, SOX, PCI, Database Activity Monitoring

Download White Paper

Advanced Persistent Threat - Are You the Next Target?

Security researchers have been talking about advanced persistent threat (APT) for some time. Recently, we have seen a steep increase in the number of organizations hit by this type of attack. Initially, researchers thought APTs were mostly aimed at government agencies or political targets, but the latest attacks on enterprises suggest that APTs are not confined to a specific type of organization or sector.

Tags: Data Security, Insider Threats, Advanced Persistent Threat, APT, User Rights Management, Risk Management

Download White Paper

Implementing Security Controls for addressing DHS Sensitive Systems Policy Directive 4300A

This paper reviews how SecureSphere enables DHS components to implement the technical controls described in chapter 5 of the DHS 4300A Sensitive Systems Handbook. With SecureSphere Data Security Solutions, DHS components can facilitate detection of security violations, and support security requirements for applications and data, including Identification and Authentication, Access Controls and Auditing.

Tags: Data Security, Access Controls, Auditing, Government, DHS, 4300A, Database Security, Security Controls, Sensitive Systems Handbook

Download White Paper

Compliance with the HIPAA Security Rule - Meeting the Electronic Code of Federal Requirements

The HIPAA Security Rule establishes national standards to protect individuals' medical records and other personal health information. In this paper we review the security standards for protection of e-PHI as listed under part 164 of the 45 CFR, and map SecureSphere Data Security Suite solutions to the specified requirements described in these standards.

Tags: Data Security, Compliance, HIPAA, Government, e-PHI, Database Security

Download White Paper

How to Secure Your SharePoint Deployment

This paper presents five best practices for securing your SharePoint environment. It discusses how SecureSphere for SharePoint can help organizations get the most out of SharePoint's existing permissions system, and fill some of SharePoint's security gaps.

Tags: SharePoint, File Security, Compliance, Auditing, Unstructured Data, Data Security

Download White Paper

Meeting NIST SP 800-53 Guidelines

This paper reviews information security requirements described by NIST in SP 800-53. It discusses the main implementation challenges organizations struggle with. The paper also maps key capabilities of Imperva's SecureSphere Data Security Suite to NIST SP 800-53 guidelines, describing how SecureSphere solutions can be used to implement required controls, manage risk to federal information and demonstrate compliance.

Tags: Data Security, Compliance, NIST, FISMA, NIST SP 800-53, Government

Download White Paper

Cutting IT Operations Costs for Unstructured Data

Market analysts estimate that 80% of all enterprise data is unstructured and that unstructured data will grow tenfold in the next five years. Crushed under the weight of these files are the IT organizations tasked with managing and securing them. Operationally, it's nearly impossible to keep track of who is creating all of these business documents, who owns them, and who can - and is - accessing them.

Tags: File Security, Data Security, Unstructured Data, IT, ROI

Download White Paper

The Industrialization of Hacking

Today, hacking is $1T industry -- up from a few billion just three years ago. In 2007, professional hacking represented a multibillion-dollar industry. At present, this same industry posts -- in stolen data, IP and financial gain -- more than one trillion in value. What explains this rapid growth? Industrialization. Just as the Industrial Revolution advanced methods and accelerated assembly from single to mass production in the 19th century, today's cyber crime industry has similarly transformed and automated itself to achieve scalability and increase profits.

The industrialization of hacking coincides with a critical shift in what's considered today's prized commodity: data.

Tags: Cyber Crime, Data Security, Hacking, Automated Attacks

Download White Paper

Data Security Study: Consumer Password Worst Practices

In December 2009, a major vulnerability was discovered in By examining a hacker's blog, a major vulnerability was discovered that led to the breach of 32 million passwords and the hacker posted to the Internet the full list of the 32 million passwords (with no other identifiable information). The data provides a unique glimpse into the way that users select passwords and an opportunity to evaluate the true strength of these as a security mechanism. Further, never before has there been such a high volume of real-world passwords to examine. The Imperva Application Defense Center (ADC) analyzed the strength of the passwords.

Tags: Database Security, Data Security, Threats

Download White Paper

Top 10 Guide to Data Security for Federal Agencies

Web application and database security remains one of the most vulnerable areas across federal agencies as well as the private sector in virtually every geography and business vertical. An essential difference between enterprises and federal agencies is the attacker.

Irrespective of attacks from inside or outside an organization data remains the prize. Traditional network security controls while valuable and necessary simply don't scale to address data-centric attacks, and organizations need to augment them with data-centric solutions focused on the targets: Web applications and databases. But federal agencies are not just focused on security - they also need to demonstrate compliance to both agency and congressional mandates.

Tags: Government, Federal, Compliance, FISMA, SOX, PCI, GLBA, HIPAA, NERC, Data Security

Download White Paper

Top 10 Guide for Protecting Sensitive Data from Malicious Insiders

For years, organizations have worked diligently to lock down their perimeters only to find out that the most devastating enemy is already inside.

Insider threats, both careless and malicious, abound. This fact is amplified during difficult economic times. With a plethora of digitized information, and vehicles for turning credit card data, personally identifiable information and intellectual property into cash, goods, and other services, risks have increased. It's no wonder that we're hearing about a growing number of attacks where the target is sensitive data, and the perpetrators are those with evaluated levels of trust and access: insiders. This guide will explore the top ten ways to protect sensitive data from the very people that need access to it. While this is a difficult problem to address, it is not impossible -- especially when leveraging the right tools.

Tags: Insider Threat, Threats, Sensitive Data Protection, Database Security, Data Security

Download White Paper

Protecting Databases from Unauthorized Activities

The threat of compromising sensitive information either by leakage or unauthorized changes is driving compliance regulations such as Sarbanes-Oxley (SOX), the Payment Card Industry Data Security Standard (PCI DSS), and others, which require organizations to implement strong database access controls.

Tags: Compliance, Data Security, Database Security, PCI, SOX

Download White Paper

Imperva Data Security and Compliance Lifecycle

SOX and other regulatory legislation are increasingly expanding formal enterprise audit processes to include information technology (IT) assets, especially databases. Imperva's Data Security and Compliance Lifecycle provides step-by-step best practices for implementing database controls and web application security.

Tags: Data Security Lifecycle, Compliance Lifecycle, Audit, Best Practices

Selected Tag: Data Security | Show All

Term of the Month