2010年7月29日，Forrester發布了一份《建立企業數據庫安全計劃》的報告。摘要如下：

Hackers continue to break into critical databases across the globe, largely because of gaps in database security implementations and lack of cohesive controls. Although enterprises can pass high-level compliance audits by enabling a few database- and-application level security controls, that's not good enough when it comes to preventing growing attacks or even passing audits that span more than a few applications. A key component missing from many organizations — one that can uncover security holes, flush out vulnerabilities, and improve overall data security — is database security planning. While organizations often have an information security plan in place, most don't have a database security plan, which is critical in protecting the crown jewels. Database security plans focus on the granular level of controls and approaches essential in nailing down critical data across the enterprise. Application delivery and security professionals should consider building a database security plan, starting out with a few security policies and then moving on to build comprehensive controls across the enterprise.

這份報告的作者Noel Yuhanna在2009年也發表過多篇數據庫安全的研究報告，并從三個維度分析了數據庫安全體系，如下圖所示：

?

總結

以上是生活随笔為你收集整理的Forrester:建立企业数据库安全计划的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。