Sybase security benchmark

The Center for Internet Security (CIS) announced on Thursday that the wide release of the consensus security benchmark for its premiere, corporation-level relational database management system (RDBMS)—the Sybase Adaptive Server Enterprise (ASE)—to the public. This new benchmark remains the sole regulatory management guide available that effectively secures the Sybase ASE databases' configurations.

In any event, the release of the configuration guide is good news to more than thirty-four thousand enterprise customers and 91 of the Fortune 100 companies that utilize Sybase ASE for their enterprise mobility, mobile messaging, analytics, and data management solutions. Moreover, the Sybase ASE 15.0's Security Configuration Benchmark offers the finest configuration setting proposals that covers over six security classes.

•    Network and Host Deployment
•    Extensibility Mechanisms
•    Reporting, Logging, and Auditing Mechanisms
•    Database Resource Permissions
•    Network Security Mechanisms
•    Authentication Mechanisms

The benchmark was mostly developed via a consensus

investigation process that includes contract and volunteer subject matter experts. These participants offered a lot of insight, feedback, and perspective from various background sets such as legal, government, software development, audit and compliance, operations, security research, and consulting. CIS benchmarks are mainly user-driven, which means that they're a lot more accepted and adopted in academia, industry, business, and government than other benchmarks when it comes to making a solid foundation for network configuration and enterprise system policies.

By basing their security regulations on these well-researched and consensus standards, security experts and professionals will be able to save thousands of dollars worth in custom policy development; there's no need to reinvent the wheel when there's a highly cost-effective benchmark available that you can use to streamline the security of your databases. Indeed, these products encourage conformity and compliance by using the configuration stipulations of standards like ISO and PCI as well as regulations such as Sarbanes-Oxley, HIPAA, GLBA, and FISMA.

According to John Heasman, Vice-President of Research at Next Generation Security Software, the foundation of a premium-grade, industry-standard data security policy must guarantee that the databases themselves are set to be as protected from fraud and compromise as possible. Security must not be considered as a performance hindrance or unnecessary expense. The advanced protection features found in Sybase servers are there for a reason; they protect your investment and maximize your data management capabilities.