It seems we can’t turn on the TV lately without hearing of another data breach. Data breaches not only cause frustration while everyone has to change their passwords, drugstore but they can also mean the leaking of sensitive and personal information about medical conditions, cure addresses, troche or credit card numbers. These leaks can mean loss of customer trust, which is one of the hardest things to rebuild. AKT can help. We use a number of methods to protect your data.
You have enough to worry about. We at AKT value the trust you place in us to keep your data safe from outside attacks, so we make it a priority to keep that trust. We start with a password vault provided through Secret Server by Thycotic Software. Then we add intrusion detection systems on all of our major servers that allow us to monitor your files for any suspicious behavior. We deploy log aggregation software which enables us to pull log data together from our major servers and the crucial network systems. AKT also uses vulnerability and penetration tests on our components. We run the vulnerability tests, while an outside security company does the penetration tests.
What are these tests? A vulnerability test looks for any weak points in a particular system, then alerts you to them. These can be automated to run periodically. A great time to run these is right after new components are installed. This type of test can also include a credentials test to see if credentials are being properly evaluated by the computer and authenticated. The report generated after the test lets you know what was found to be vulnerable or potentially so and what has changed since the last time the test was run.
On the other hand, a penetration test simulates outside threats to actually breach weak points in the system, as many layers in as possible. In other words, a hacker is hired to do what he or she does best. These are typically run once a year and the findings are then reported along with what data was actually able to be obtained or altered. While other tests find what might be a gap in security, this type of testing uses actual gaps that can harm the ability of a business to operate. By knowing what can be exploited before the destructive hackers do, a company has the chance to fix the problem and reduce the chance of lost profits, or worse.
Neither of these types of tests is inexpensive, but compared to the loss of data and the extraordinary costs of trying to recover from a major security breach, they are worthwhile investments. Both tests can be valuable tools to improve information security at many levels.
When sensitive data is breached for any reason, it can threaten the survivability of the organization. Database administrators are the protectors of their organization’s core data assets. They are tasked with ensuring that key data stores are safeguarded against any type of unauthorized data access. AKT understands that our customers have “turned over the keys” to their sensitive data stores to our organization. Therefore, our highest priority is to safeguard sensitive customer information. To learn more about the security services offered by AKT, please visit our Database Security Services page.
- + Industry-leading Password Vault: AKT has selected Secret Server, an industry leading password vault package created by Thycotic Software as the storage mechanism for its password vault.
- + Intrusion Detection Systems (IDS): Intrusion Detection Systems are installed on all key servers, so that AKT can continuously monitor clients' environments for malicious activity.
- + Centralized Security Log Aggregators: AKT utilizes log aggregation software to collect log data from all key servers and critical network components.
- + Vulnerability and Penetration Tests: AKT performs the vulnerability tests while the penetration tests are performed by a PCI certified third-party security company.