Most organisations solely implement perimeter-based security solutions, even though the greatest threats are from internal sources. Additionally, organisations implement network-based security solutions that are designed to protect network resources, despite the fact that the information is more often the target of the attack. Recent development in information-based security solutions addresses a defence-in-depth strategy and is independent of the platform or the database that it protects. As organizations continue to move towards digital commerce and electronic supply chain management, the value of their electronic information has increased correspondingly and the potential threats, which could compromise it, have multiplied. With the advent of networking, enterprisecritical applications, multi-tiered architectures and web access, approaches to security have become far more sophisticated. This raises important issues with regards to database security.Therefore it is very important to select the most suitable product to deploy in any organization concerned. It is essential for the research community to help in evaluating these products.