CASE STUDY:
NTT PLALA MAKES A SECURED CHOICE TO MONITOR AND MANAGE ITS DATABASE ACCESS
NTT Plala, Tokyo, Japan, a leading company in the Japanese telecommunication industry, also known as a comprehensive media company and providers of Internet video-delivery services, manages about 2 millions entries of member information. For a networking company such as NTT Plala, the threat of a possible data breach is growing. By using advanced security tools they are able to overcome such threats. This practical case study explains how NTT Plala managed its database from the security breach threats.
Mr. Araki
Network Administration Dept
Deputy General Manager
Mr. Hasebe
Network Administration Dept
Manager
Mr. Kagesawa
Network Administration Dept
PLALA PROBLEM - LACK OF UNIFIED ACCESS LOG FOR EASY ANALYSIS AND REPORTING
The company manages about 2 millions of their member details in the Oracle Database, which is linked to other applications such as Subscription and Editing subscriber profile. The database monitoring systems which they were using already, recorded access logs for member activity such as use of web servers, applications, login and logout the database. But these details were recorded in different formats, hence it was difficult to use them for log analysis. Moreover, it was time consuming as the Network Administration Department staff had to analyze multiple logs. NTT Plala, was in need of a security system that could control and monitor the access logs in a unified way for efficient data collection and data access management.
PLALA REQUIREMENT - A COMPLETE SECURITY AUDITING TOOL
The company searched for a security tool that would meet its requirements
- Record the whole SQL text
- Minimum system performance overhead
- Monitor access to critical database containing member information
- Monitor access from a specific user account
- Monitor access from a specific application
- Monitor access in suspicious time
- Monitor access to large amount of data
With these expectations, the company compared the different security tools available in the market. Majority of the tools used the built-in auditing feature available in Oracle. This resulted in the performance deterioration, as they were not able to handle large amount of data transactions (10 millions per day). Also they were not able to use important SQL statements for audit trails.
INTRODUCTION OF PISO IN PLALA
Plala had been evaluating various security tools for about 3 months. As a result of their analysis, they found that PISO, a database security breach monitoring tool, developed by Insight Technology Inc., fit their requirements and all their expectations were met. Mr. Hasebe, Mr. Araki, and Mr. Kagesawa of NTT Plala evaluated the tool in a test environment and later started a full-scale deployment in September 2004.
Mr. Araki remarked, "We have high regard for the technological strength of Insight Technology when it comes to working with the Oracle database. We are also grateful to the company for meeting our requests regarding the security monitoring tool."
PISO RESULTS - COMPREHENSIVE SUMMARY OF THE ACCESS DETAILS !
PISO efficiently monitors all access to the database and maintains a complete auditing report. PISO's overview summarizes the auditing details.
"Overview is very easy to understand; it checks irregular access and immediately investigates"
PISO RESULTS - DISTINCT ALERTS FOR VARIOUS LEVELS OF ACCESS !
Furthermore NTT Plala began to thoroughly analyze PISO access logs. The access patterns were easy to understand. For instance, if a large amount of data had been retrieved, it was possible to identify whether it was executed from the system operations, such as the batch processing, or manually retrieved from any application.
"We can almost automatically filter out the irregular access. We will be alerted of the access that is different from the normal access patterns. The illegal access can be detected efficiently and rapidly by checking SQL text." referred Mr. Hasebe.
PISO RESULTS - IMPROVED THE AWARENESS AMONG EMPLOYEES ABOUT SECURITY ISSUES !
"The introduction of PISO was informed to all employees in the company and this has improved their security consciousness," added Mr. Araki.
For instance, if an employee has to access any personal information in the database, they have to inform the administrators about the access in advance. PISO serves NTT Plala not just as a database access monitoring tool but also as a deterrent against security breaches.