Database security at the database level can reap a lot of ROI for compliance spend, consultants and auditors say. Database security controls should be as close to this data as possible, says Stonesoft VP of technology for Stonesoft. The complexity of today’s database environment leaves ample opportunity for configuration and vulnerability trouble. Organizations should be putting effort into patching known vulnerabilities as quickly as possible and testing regularly for vulnerabilities, experts say. Auditors will also look closely at the kind of encryption employed and whether encryption is properly used.”]
Source: https://www.darkreading.com/database-security/are-your-databases-audit-ready-