Imperva Provides 360 Degree Protection Against Insider Database Threats

SecureSphere Database Firewall Locks Down and Locks Out Privileged Users that
Violate Security Policies
REDWOOD SHORES, Calif.--(Business Wire)--
Imperva®, the data security leader, today announced new insider abuse protection
capabilities for its SecureSphere Data Security Suite and Database Firewall
solutions. In addition to its existing network-based monitoring and blocking of
unauthorized activity by trusted insiders, SecureSphere can now terminate local
user activity and quarantine user accounts in the event of a security policy
violation. This extends Imperva`s unmatched database protection to a full 360
degrees. 

The current economic recession is straining employee-employer loyalties and
raising the threat that insiders may abuse their data access privileges. Earlier
this month, the former IT director for a nonprofit organ and tissue donation
center pleaded guilty to a charge that she broke into the organization`s
computer network and deleted organ donation database records, invoice files, and
database and accounting software. These types of incidents reinforce the need
for database activity monitoring that is divorced from the server so it can not
be disabled, and spans all user groups, including those with elevated privileges
like database administrators. 

"SecureSphere has always provided the most complete network-based database
protection capabilities for privileged and non-privileged users, as well as some
core local activity monitoring," said Amichai Shulman, CTO of Imperva. "To
address the growing risk of insider abuse, we have boosted SecureSphere`s
ability to detect, block, and prevent subsequent attempts by privileged users to
breach security policies through direct access to the database server. With
local activity termination and user account quarantine, we truly provide 360
degree data protection." 

Local Lockdown

To protect sensitive database records from intentional or unintentional abuse by
insiders, SecureSphere can terminate unauthorized activity by privileged users
even when these operations take place directly on protected servers.
SecureSphere enables security teams to create very granular security rules to
define acceptable use policies for users with elevated privileges such as
database administrators. In the event that a policy is violated, SecureSphere
prevents the activity from occurring. SecureSphere can be configured to block a
single unauthorized event, as well as prevent new connections from the same
user. This ensures that a user who has violated security policy remains blocked
when accessing the database via an application which can automatically renew its
connections. 

Quarantine Suspicious Accounts

In addition to local activity termination, SecureSphere can quarantine users by
removing their RDBMS privileges. Privileged account quarantine not only ensures
that a specified user is unable to execute any further actions, but also removes
their ability to login to the database. To reinstate a quarantined account, a
security review is required before it can be reactivated. This capability allows
IT security departments to stop insider data breaches at the source, and prevent
any subsequent attempts by the same individual to compromise the company`s
assets. 

Pricing and Availability

The Imperva SecureSphere Database Firewall, also offered as part of the Data
Security Suite, with local activity termination and user account quarantine is
available immediately from Imperva and its business partners worldwide. Pricing
starts at $45,000 USD. 

About Imperva

Imperva, the Data Security leader, enables a complete security lifecycle for
business databases and the applications that use them. Over 4,500 of the world`s
leading enterprises, government organizations, and managed service providers
rely on Imperva to prevent sensitive data theft, protect against data breaches,
secure applications, and ensure data confidentiality. The award-winning Imperva
SecureSphere is the only solution that delivers full activity monitoring from
the database to the accountable application user and is recognized for its
overall ease of management and deployment. For more information, visit
www.imperva.com. 

Imperva and SecureSphere are registered trademarks of Imperva, Inc. All other
brand or product names are trademarks or registered trademarks of their
respective holders. 



For Imperva
Marc Gendron, 781-237-0341
marc@mgpr.net

Copyright Business Wire 2009