While many enterprise organizations have enthusiastically embraced the migration of databases from on-premises data centers to the cloud, there are still trade-offs. One of these has been the loss of security monitoring tools, and it is a situation that McAfee LLC is working with Amazon Web Services Inc. to fix.

“Whenever you start migrating databases into the cloud, you inadvertently lose some of the controls that you might have on-premises,” said Markus Strauss (pictured), product manager of database security at McAfee. “Things like monitoring the data and being able to do real-time access monitoring, which is very important regardless of where you are.”

Strauss spoke with Dave Vellante (@dvellante), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during AWS re:Invent in Las Vegas. They discussed the collaboration between AWS and McAfee to provide database monitoring, as well as trends Strauss has seen in enterprise threat activity. (* Disclosure below.)

Activity stream in private preview

To improve the availability of key monitoring tools for migration customers in the cloud, McAfee and AWS have reportedly collaborated on a project to increase visibility through Amazon’s Aurora Relational Database Service. AWS has put Aurora’s PostgreSQL database activity steam into private preview, according to Strauss.

“This is essentially a way for third-party vendors to be able to read an activity stream off Aurora enabling McAfee to consume that data and bring customers the same level of real-time monitoring to the database as a service world as they were used to on-premises,” Strauss explained. “It’s a great first step into being able to provide that same level of activity monitoring in real-time as we’re used to on-premises.”

McAfee’s work with AWS in this area is important because databases are where a company’s most critical information often resides. Hackers have realized this and have developed sophisticated tools to exploit breaches for monetary gain.

“My main goal as any sort of hacker is essentially to get onto the data and get that out, because that’s where the money sits,” Strauss said. “That’s what brings the most money in the open market.”

McAfee has even seen hackers develop tools that can stealthily change encryption controls for specific database fields over several months, before finally capturing the database key, locking out the owner and demanding ransomware.

“On the database side, it’s a lot more targeted and a lot more expensive,” Strauss said. “We have put specific controls in place that monitor for changes in the encryption level, so even if one or two key fields start to get encrypted with a different encryption key, we’re able to pick that up and alert you on it.”

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of AWS re:Invent. (* Disclosure: McAfee LLC sponsored this segment of theCUBE. Neither McAfee nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE