It seems to me that every newsletter I get these days has at least one article about security / data protection. Here are a few of the headlines that I've noticed:
* Don't Tolerate Liberal Data Permissions* What Is All This Integrity Business?* How to get employees passionate about disaster recovery * Backups: Understanding How Performance Matters* Top 10 Security Trends for 2008* Learn Best Practices for Database Auditing
Yesterday I was sent this information regarding data security problems that I'd like to share with you:
* Is your DB2 audit reporting strategy lacking institutional controls, or perhaps even nonexistent? * Are you using "live" production data for unit testing, with no masking of sensitive data values? * Are you wasting resources storing large amounts of unreferenced and inactive data on your operational databases? * Is sensitive data potentially being exposed to theft while at rest or in transit between you and your business partners?
The DB2 and IMS solution can help minimize the liability risk associated with Data Governance.
Data Server Security BlueprintThis blueprint provides a threat-focused security framework for users of IBM Data Servers (whether DB2 for LUW, DB2 for z/OS or IDS) and our related data governance Tools that help them understand how our products work together to solve their data security problems. It is comprehensive enough to cover all the major threats, yet simple enough for a new DBA to pick up and use immediately. From this site, download the white paper and the blueprint.
On April 1, there was a Chat with the Lab regarding this blueprint. From this site you can download the charts and at some point in the near future, you'll be able to listen to a replay of the chat.
And last but not least, we have several books that are current and cover these topics to some degree. In particular Understanding DB2 9 Security by Rebecca Bond, Kevin Yeung-Kuen See, Carmen Ka Man Wong, Yuk-Kuen Henry Chan.
Understanding DB2 9 Security is the only comprehensive guide to securing DB2 and leveraging the powerful new security features of DB2 9. Direct from a DB2 Security deployment expert and the IBM® DB2 development team, this book gives DBAs and their managers a wealth of security information that is available nowhere else. It presents real-world implementation scenarios, step-by-step examples, and expert guidance on both the technical and human sides of DB2 security.
DBA Central on developerWorks has a list of the most recent articles, and you'll find several related to the security topic that may be useful to you as well.