<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2826169&amp;fmt=gif">
Start  trial

    Start trial


      As we enter the new year preparing for future projects, we can expect that in any industry our data volumes will increase.

      An increase in data can often put you at risk for new and unplanned vulnerabilities. Now, before the year gets busy, is the perfect time to get ahead of things and review your current security methodologies and configurations.

      Security for 2024 should be more than just a resolution. Cyber threats lurk at every corner, it is imperative that security becomes a continuous journey rather than a one-time commitment.

      Fujitsu's own Gary Evans has created a series of security blogs to get you going.

      He begins the series with a journey through the cybersecurity landscape, setting the foundation with an understanding of the importance for following a framework such as NIST.

      As a DBA, there may be teams that you do not associate with daily, but you still need to be aware of what they do. It is your responsibility to understand the roles that play a crucial role in an organization's data defenses, so you can stay ahead of potential data breaches.

      Experienced and novice DBAs alike must understand the importance of security benchmarks. No two systems or companies are alike, so benchmarks are unique to their environments. Having a security baseline in place will allow you to use the benchmarks to build a secure system that your CISO will approve of as you try to set the bar high for your team.

      Typically, when we talk benchmarks, we are discussing performance metrics. For security, you may not know where to begin but Gary Evans has provided a major clue by introducing the CIS Benchmark. He provides a look into the CIS Benchmark for PostgreSQL 16.

      As a DBA, your main responsibility this year will be data protection. Data breaches are at an all-time high within every industry. The key aspect to protecting your data will be to understand authorization – who has it, what are they doing, and when. A guide to authorization and how it aligns to the framework you have in place is explained in detail.

      Read about the use of encryption in protecting data at rest and in transit. Learn about encryption types, key management, and the role of application-level encryption. It will help you understand how different types of encryption may fit your use case and how you can manage your encryption keys.

      Further digging into the encryption types, it's important to understand the differences between symmetric, asymmetric, and hash functions. This may help you understand why it's highly recommended by some technologist to achieve AES 256-bit encryption.

      NIST is a great framework, but it can only be effective if you understand how to use it to identify the risk you may have. Integrating a risk assessment and asset management as it pertains to your data security is outlined, providing details on how it relates to NIST in the asset and risk management blog posting.

      Achieving governance and compliance regulations will require an understanding of access control and monitoring activity, along with enforcing measures to support and enhance your data security. The governance blog provides tips in developing a policy to help enforce your organizational goals and standards.

      Security detection today needs to evolve to reduce the overall risk. Gary Evans explores the detect pillar, explaining the use of your PostgreSQL catalogue to implement some real-time monitoring.

      In the overarching scheme of cybersecurity, detection serves as an early warning system, preventing minor issues from escalating into major data breaches. A robust detection system not only conserves time and resources but also maintains the integrity and trustworthiness of our data management.

      More than just a resolution

      Security for 2024 should be more than just a resolution. The security blog series can lead you on the journey to improve your cybersecurity awareness and database security.

      In conclusion, the Database security blog series by Gary Evans offers valuable insights into the ever-evolving landscape of cybersecurity and database protection. By exploring key roles, security benchmarks, authorization, encryption types, risk management, governance, and detection strategies, DBAs can enhance their understanding and implementation of security measures.

      As we look ahead, it is clear that security must be a continuous journey towards improving cybersecurity awareness and data protection. I encourage you to delve deeper into the topics discussed in this blog series to strengthen your security practices and stay ahead of potential threats in the ever-changing digital world.

      Topics: PostgreSQL, Database security, Fujitsu Enterprise Postgres, Security

      Receive our blog

      Search by topic

      see all >
      Tim Steward
      Principal Data Enterprise Architect, Fujitsu
      Tim has more than 20 years of experience in the industry with significant expertise in RDBMS, including but not limited to Postgres and Oracle, helping customers understand their architectural landscape and how they can leverage open-source database technology.
      Acknowledged as an experienced Technical Leader, Tim has spoken frequently in conferences and written numerous papers and blogs.
      Our Migration Portal helps you assess the effort required to move to the enterprise-built version of Postgres - Fujitsu Enterprise Postgres.
      We also have a series of technical articles for PostgreSQL enthusiasts of all stripes, with tips and how-to's.


      Explore PostgreSQL Insider >
      Subscribe to be notified of future blog posts
      If you would like to be notified of my next blog posts and other PostgreSQL-related articles, fill the form here.

      Read our latest blogs

      Read our most recent articles regarding all aspects of PostgreSQL and Fujitsu Enterprise Postgres.

      Receive our blog

      Fill the form to receive notifications of future posts

      Search by topic

      see all >