Why Alert Fatigue Remains a Database Performance Threat

Databases have become more complex than they were a decade ago, but the means to spot performance issues have evolved as well. To keep their businesses on par with the ever-changing IT landscape, most IT professionals have been forced to invest in monitoring tools that help them comb through the system and identify threats. However, a slight problem lies in how these professionals handle database threat alerts.


More than 50% of these professionals end up ignoring the alerts that they get from the tools that they invested in, according to the Dark Reading website. Most professionals get away with this, but ignoring a high-priority threat alert can be damaging to the IT environment. A good example is the 2013 Target cyber breach, which resulted from alert fatigue. This behavior can be changed, but doing so requires you to understand what really causes alert fatigue.

So, why is alert fatigue still a threat to performance?

Alerts Might Lack Context

Sometimes the alerts that reach your security team lack the context needed to remediate the situation. This means that the IT professional in charge of that part of the database has to fly blind to resolve the issue. While the time required to resolve a single alert under these circumstances might be insignificant, it quickly turns into an inconvenience if multiple similar alerts reach the same person.

They will then take more time to resolve the issues, and might end up ignoring some of the alerts. A good database activity monitoring tool should offer enough context on the reason behind the alert. It should provide information about the machine that was affected and the time the problem occurred, and offer a little insight on how to remedy the situation.

Alert Redundancy

In some cases, no single security solution might provide all the security you need, which makes layering solutions a wise choice. The issue comes in when multiple solutions aren’t integrated enough. When two solutions notice an issue with your database, they will both send alerts which will turn out to be redundant to the security professional in charge of that specific area.

The trick is to fine-tune the tolerance levels of these solutions. You can start by consolidating and correlating the threat data. The best option, however, would be to switch to a more integrated, platform-based solution, which will also help save costs and improve vendor relationships.
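As an added example (not from the original post), the sketch below shows one way to consolidate and correlate alerts from two non-integrated tools, and to flag incidents that still lack the context described under "Alerts Might Lack Context". The tool names, field names, and sample alerts are constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample alerts from two hypothetical, non-integrated tools.
SAMPLE_ALERTS = [
    {"tool": "dam-a", "host": "db01", "issue": "slow_query",
     "time": "2019-01-10T02:00:05", "remedy": "Review index on orders table"},
    {"tool": "apm-b", "host": "db01", "issue": "slow_query",
     "time": "2019-01-10T02:00:40", "remedy": None},
    {"tool": "dam-a", "host": "db02", "issue": "failed_logins",
     "time": "2019-01-10T02:03:00", "remedy": None},
    {"tool": "apm-b", "host": "db01", "issue": "slow_query",
     "time": "2019-01-10T03:30:00", "remedy": None},
]

# Context an incident needs: affected machine, time, and a remediation hint.
REQUIRED_CONTEXT = ("host", "time", "remedy")


def correlate(alerts, window=timedelta(minutes=5)):
    """Merge alerts for the same host and issue raised within `window`
    of the first alert in the group, whichever tool raised them."""
    incidents = []
    latest = {}  # (host, issue) -> most recent incident for that key
    for alert in sorted(alerts, key=lambda a: a["time"]):
        when = datetime.fromisoformat(alert["time"])
        key = (alert.get("host"), alert.get("issue"))
        incident = latest.get(key)
        if incident is None or when - incident["time"] > window:
            # New incident: first sighting, or the earlier one has aged out.
            incident = {"host": key[0], "issue": key[1], "time": when,
                        "tools": [], "remedy": None, "count": 0}
            incidents.append(incident)
            latest[key] = incident
        incident["count"] += 1
        if alert["tool"] not in incident["tools"]:
            incident["tools"].append(alert["tool"])
        # Keep the first remediation hint any tool supplied.
        incident["remedy"] = incident["remedy"] or alert.get("remedy")
    for incident in incidents:
        incident["missing_context"] = [
            field for field in REQUIRED_CONTEXT if not incident.get(field)
        ]
    return incidents


if __name__ == "__main__":
    for inc in correlate(SAMPLE_ALERTS):
        print(inc["host"], inc["issue"], inc["tools"], inc["missing_context"])
```

Four raw alerts collapse into three incidents here; the duplicate slow-query alert inherits the remediation hint from the tool that supplied one, while the other two incidents are flagged as missing it.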

Alert Delivery Issues

In some instances, alerts might be delivered to the wrong person in the organization. Since these alerts do not concern them, chances are that they will ignore them. On the other hand, both high- and low-priority alerts might be sent out at the same time of day.

For instance, delivering both types of alerts at 2:00 a.m. will increase the chances of a DevOps team member ignoring a high-priority alert with the mindset that it might be nothing but minor. In both instances, evaluating your alert protocol is vital.

Excessive False Positives

False positives might be inevitable. The monitoring tools that you use might pick up an anomaly that shouldn’t raise any red flags. While a single false positive shouldn’t be too much to deal with, receiving them in high numbers can be a recipe for danger.


Since humans tend to get inured to redundancy, your team is likely to ignore all alerts with the mindset that they are all false positives. If there is a high-priority true positive alert in this sea of false positives, ignoring it will only lead to trouble. The trick is to fine-tune your monitoring tools to reduce the occurrence of false positives.

Conclusion

Investing in the best database monitoring tools will only take you so far. The next step should be to tweak the tools to fit your IT environment. Consider the tips above to make every alert you get from such tools worthwhile.

The post Why Alert Fatigue Remains a Database Performance Threat appeared first on The Crazy Programmer.



from The Crazy Programmer https://www.thecrazyprogrammer.com/2019/01/why-alert-fatigue-remains-a-database-performance-threat.html
