In a sea of compliance initiatives, database security is often overlooked. But experts say no matter what the regulations say, securing the database is a critical part of any compliance effort. “What I’ve found in my experience is that the database is often the forgotten layer, even though it’s the layer where the crown jewels — the data — usually resides,” says Scott Laliberte, global leader of information security assessment services for Protiviti, which conducts third-party audit assessments for enterprises. But improving the security of the database as part of a larger compliance initiative is doable, experts say. The trick is to follow six steps toward database compliance.