Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
AntohaRomaha2015-12-04 11:37:39
Information Security
AntohaRomaha, 2015-12-04 11:37:39

How to track the copying of database files?

Good afternoon.
There is a task - to protect all files of databases. What software can be used to track local copying, copying to a USB flash drive, copying over the network, as well as uploading to the Internet? Interested only in certain files, quite large in size with a certain extension.
It is necessary to monitor Windows Server 2008 R2, and NAS Netgear, there is Linux with a web face. There are bases on them, it is necessary to take control.
There is a gateway on FreeBSD 10.2 - but it can be tracked, I believe, only uploading to the Internet.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

8 answer(s)
Report
A
AntohaRomaha, 2016-02-09
@AntohaRomaha

I will try staffcop

Report
A
alexxandr, 2015-12-04
@alexxandr

database files and backups on a separate NAS and deny access to it to everyone except applications that work with the database.

Report
O
other_letter, 2015-12-04
@other_letter

Who are the recipients of the information? Your employees or end users? If the first - it's easier, probably, to track them. If the second ... Perhaps, I don’t know ...

Report
A
Armenian Radio, 2015-12-04
@gbg

It can do (partially) audit files in windows. Well, or some secret net.
In general, configure the access rights properly. It is not good for employees to have access to database files.

Report
M
mace-ftl, 2015-12-04
@mace-ftl

usb_lock1.png
from here ptraffer.ru/analiz-trafika/69-control-usb

Report
A
apreobr, 2015-12-04
@apreobr

Prohibiting copying of specific files makes sense only as one of many points of protection. The database can be pulled out via mail, archived into a multi-volume archive with a non-standard extension and copied over the network to a computer that is allowed access to public mail servers. The closest thing to a universal solution is the differentiation of access rights.
- We had 2 domain controllers, 75 group policies, 5 access logs, half the enterprise information security scheme and a whole lot of USB blocking utilities, as well as antivirus, DIP, a video camera box, file access restriction by extension and and the head of the security department. Not that it was the necessary margin to protect the database. But once you start doing IS, it becomes hard to stop. The only thing that caused me concern was extensions. There is nothing more helpless, irresponsible and corrupt than filtering access by extension. I knew that sooner or later we would switch to this rubbish.

Report
N
nApoBo3, 2015-12-09
@nApoBo3

It is generally impossible to protect a file database from copying without an intermediate layer. This operation can be somewhat difficult. But if the user can work with this database, then he can copy it.

Similar questions
E
Elger2017-06-02 17:35:27
What topic to choose for the diploma (computer security)? 1Reply
S
Sergey2015-06-25 08:54:48
How to test your own sites for vulnerabilities and not break the law? What licenses are needed for pentesting? 1Reply
B
BotaniQ_Q2017-06-05 23:08:50
Are proxies/vpn/ip-facker safe? 2Reply
V
Vlad M2015-06-27 17:18:19
Router&Outpost Security Suite Pro 9.1? 1Reply
Y
Yuri Syrovetsky2015-06-29 11:35:13
Is authorization allowed only by phone number? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question