In shared infrastructures such as clouds, sensitive or regulated data—including run-time and archived data—must be properly segregated from unauthorized users. Database and system administrators may have access to multiple clients’ data, and the location of stored data in a cloud may change rapidly. Compliance requirements such as Payment Card Industry Data Security Standard (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA) and others may need to be met. This webinar will discuss how to help protect cloud-based customer information and intellectual property from both external and internal threats.
View the On-demand webinar: https://www2.gotomeeting.com/register/187735186
2013 mid-year highlights
Targeted attacks and data breaches
• Based on the incidents we have covered, SQL injection (SQLi) remains the most common breach paradigm. In the first half of 2013, security incidents have already passed the total number reported in 2011 and are on track to surpass 2012 by the end of the year.
A wave of data breaches which target international branches of large businesses, corporations and franchises takes advantage of the fact that satellite and local language websites representing their brand are not always secured to the same standard as the home office. These types of incidents affected the food, automotive, entertainment and consumer electronics industries, and can result in a reputation hit as well as legal implications from the loss of sensitive customer data. (page 17)
While remote malware is prevalent, physical access is still a factor in several noted breaches. This could be the result of insiders stealing data, or of the loss of unencrypted assets like old drives, laptops, or mobile devices. These types of incidents are not always maliciously motivated. A mistake in printing retirement information led to U.S. social security numbers being visible in the clear window of the mailing envelope, putting sensitive data at risk. Inadvertent loss of data from human error is not uncommon.
2013 Ponemon Institute https://www4.symantec.com/mktginfo/whitepaper/053013_GL_NA_WP_Ponemon-2013-Cost-of-a-Data-Breach-Report_daiNA_cta72382.pdf
Database Trends and Applications December 2011
http://www.dbta.com/Articles/Editorial/Trends-and-Applications/Ensuring-Protection-for-Sensitive-Test-Data--79145.aspx
http://mcpmag.com/articles/2008/02/01/use-of-live-customer-data-in-application-testing-still-widespread.aspx
This Ponemon research reveals organizations neglect privacy considerations in nonproduction environments such as testing, Q/A and development. This is in direct violation of many regulations including PCI DSS and HIPAA.
From wikipedia: http://en.wikipedia.org/wiki/Virtualization
Virtualization, in computing, is the creation of a virtual (rather than actual) version of something, such as a hardware platform, operating system, database, a storage device or network resources.
Virtualization can be viewed as part of an overall trend in enterprise IT that includes autonomic computing, a scenario in which the IT environment will be able to manage itself based on perceived activity, and utility computing, in which computer processing power is seen as a utility that clients can pay for only as needed. The usual goal of virtualization is to centralize administrative tasks while improving scalability and workloads.
In simplest terms, virtualization is the process of inserting a layer of abstraction between a consumer of a resource and the resource itself. By inserting this layer of abstraction, we have decoupled consumers from resources. Virtualization enables previously hard-coupled elements of the IT stack to be taken apart and recombined in ways that easily enable new combinations and usage scenarios. In a sense, virtualization adds layers of lubrication and agility into previously rigid IT architectures.
Outward-facing apps sit in the DMZ, behind a firewall with controlled ports. This is still relevant.
Extensions of your secure environment to the cloud.
IaaS – IT cost and flexibility; think about country limits and sensitive information.
Private cloud – similar to IaaS.
When you use SaaS – the third use case in this picture.
In IT and business, we are experiencing an unprecedented openness in the use of technology, which is both an opportunity for new business, but also a challenge for IT, operationally and from the security perspective.
The amount of data generated and handled is exploding, giving rise to technologies like Big Data Analytics to help us make sense of it (Google handles 20 Petabytes/day). But also, the IT walls are coming down, making room for better communication with consumers anywhere (think of mobile device communication – 6B and growing – and cloud computing). And on the security side, we are seeing more targeted, sophisticated attacks to get access to that critical enterprise asset, SENSITIVE DATA.
This dynamic is causing the rise in multiple perimeters, that go beyond the traditional perimeter that we protected using firewalls and antivirus. We are having to shift the focus of security closer to the data itself.
So Security in general and Data Security in particular has to be approached in a more holistic manner: one using Security Intelligence.
************************************
IBM helps clients address multi-perimeter security complexity driven from Mobile and Cloud inertia
Keeping People, Data, Applications and Business Infrastructure safe from threats: The era of Big Data has arrived – an explosion of digital information – accessed from, and stored on, virtualized cloud and social platforms and on mobile devices that are part consumer, part business. Everything is everywhere. And we are hearing that there will be 40% projected growth in global data generated per year, while we only see a mere 5% growth in global IT spending. For IT, the complexity is overwhelming with possible points of attack near limitless. For business, recent breaches have proven to be extremely costly, with attacks aimed directly at the business, not the technology.
Securely moving to new technology platforms: Cloud, Mobile, BigData and unknown futures…all bring tremendous cost savings, efficiency, and opportunity. But they come at a price when it comes to addressing security risks. All companies are struggling to find security solutions that mitigate the risk.
Managing cost/complexity: Although security budgets are growing in double digit percentages due to recent high numbers of high profile breaches, companies still look at security as an unwanted necessity: a cost to be kept minimized. Complexity leads to higher costs: companies struggle with implementing and maintaining their security posture.
Maintaining and demonstrating compliance: Managing varied and dynamic requirements requires accurate, reliable visibility and comprehensive reporting. In addition to enabling new innovation and maintaining the security, privacy and availability of critical business assets, IT organizations still need to prove it, and they struggle with putting security processes in place (people, technology) to meet and report on compliance guidelines.
In our Data Security and Compliance Strategy we strive to address all forms of protection for data in any state, and in every data security process (including direct enforcement, discovery and classification, data access control, monitoring, and auditing), culminating with the collection and analysis of real time data activity to provide better proactive insights around data protection. And, even though we focus on data security, we also see it as an integral part of both a holistic security strategy (security solutions integrations) and an IT/Business process strategy.
Enforcement
At rest: masking, encryption, key mgmt, vulnerability assessment
In motion: DAM, Network DLP, IPS/IDS, dynamic masking and encryption
In use: endpoint vulnerability assessment, Endpoint DLP
***************
In this broader view of IBM’s Cloud Security capabilities, you can see how IBM takes an end-to-end approach to data security, looking at the requirements to protect data in any form, anywhere, from internal or external threats, streamline regulation compliance process and reduce operational costs around data protection. Each IBM solution for data security has a set of capabilities that can be mapped back to the requirements for the focus areas or “domains” of the security framework.
Risk – Sensitivity of the data, exposure of the data, location of the data (cloud, within enterprise), Security of the infrastructure (hadoop, database, file servers, etc)
How to rate:
Sensitivity – classification
Business Value
Common terms defined by the business glossary
Activity monitoring can identify the usage of the data
HAM will help identify how active the data is, who is consuming this information, what applications and insights are using the data
Organizations struggle with the following issues when it comes to protecting security and privacy in virtual and cloud environments: compliance, access, productivity and vulnerability. Data security and privacy solutions should span both structured and unstructured data in virtualized and cloud environments. IBM InfoSphere solutions help secure sensitive data values in databases, in ERP/CRM applications and also in forms and documents across your cloud and virtual infrastructures. Key technologies include database activity monitoring, data masking, data redaction and data encryption. A holistic data protection approach ensures 360-degree lockdown of all organizational data. When developing a data security and privacy strategy, it is important to consider all data types.
Compliance
Think about where sensitive data resides in the cloud. It's important to identify sensitive data types and establish policies for use of this data in the cloud. That means understanding where data resides, what domains of information exist and how they are related across the enterprise, then defining the policies for securing and protecting that data and demonstrating compliance. The number and variety of compliance regulations keeps growing. You are still accountable even as your data moves to the cloud.
Access
Hackers come in all shapes and sizes. They could be young computer scientists trying to show off or make a political statement. They could also be tough cyber-criminals or even foreign states trying to collect intelligence on their enemies. It is important to note that organizations should protect against BOTH the internal and external threat. Perhaps you have heard the term tootsie pop security. This is the practice of having a hard, crunchy, security exterior filled with firewalls and IPS devices, but with a soft interior. It is like breaching castle walls and then just walking around and doing whatever you feel like. So, if I’m an attacker, I just have to get inside. Organizations should have solutions in place to understand what’s happening on the inside, for example understanding privileged user behaviors and identifying database platform vulnerabilities.
Productivity
Security and privacy policies should enhance, not prevent, business operations. Security and privacy policies should be built into everyday operations and work seamlessly in cloud environments. For example, perhaps you are using a private cloud to facilitate application testing. Consider masking sensitive data to mitigate the security risk.
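One way to mask data before it is copied into a test environment, as an added example (not IBM or Guardium code). It uses keyed, deterministic replacement so the same production value always maps to the same fake value and joins between tables still work; the key, column names and sample rows are constructed for illustration.

```python
import hashlib
import hmac

DIGITS = "0123456789"
# Constructed demo key. In practice the key stays outside the test environment.
MASKING_KEY = b"constructed-demo-key"


def _derive_digits(key, label, value, n):
    """Derive n decimal digits from HMAC-SHA256(key, label|counter|value)."""
    out, counter = [], 0
    while len(out) < n:
        msg = f"{label}|{counter}|{value}".encode()
        block = hmac.new(key, msg, hashlib.sha256).digest()
        # Skip bytes >= 250 so that b % 10 is uniformly distributed.
        out.extend(str(b % 10) for b in block if b < 250)
        counter += 1
    return "".join(out[:n])


def luhn_check_digit(payload):
    """Check digit for a card number given without its last digit."""
    total = 0
    for i, ch in enumerate(reversed(payload)):
        d = int(ch)
        if i % 2 == 0:          # rightmost payload digit is doubled
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return str((10 - total % 10) % 10)


def luhn_valid(number):
    return (len(number) > 1 and all(c in DIGITS for c in number)
            and luhn_check_digit(number[:-1]) == number[-1])


def mask_digits(value, label, key=MASKING_KEY):
    """Replace every digit, keeping separators and length (e.g. an SSN)."""
    real = "".join(c for c in value if c in DIGITS)
    fake = iter(_derive_digits(key, label, real, len(real)))
    return "".join(next(fake) if c in DIGITS else c for c in value)


def mask_pan(pan, key=MASKING_KEY):
    """Replace a card number with a fake one that still passes Luhn checks."""
    real = "".join(c for c in pan if c in DIGITS)
    if not 13 <= len(real) <= 19 or not luhn_valid(real):
        raise ValueError("input is not a Luhn-valid card number")
    body = _derive_digits(key, "pan", real, len(real) - 1)
    fake = iter(body + luhn_check_digit(body))
    return "".join(next(fake) if c in DIGITS else c for c in pan)


def mask_table(rows, rules):
    """Return copies of rows with each column named in rules masked."""
    return [{col: rules[col](val) if col in rules else val
             for col, val in row.items()} for row in rows]


# Constructed sample "production" rows (test card numbers, invalid SSN areas).
CUSTOMERS = [
    {"id": 1, "ssn": "000-12-3456", "card": "4111-1111-1111-1111"},
    {"id": 2, "ssn": "000-98-7654", "card": "5555 5555 5555 4444"},
]
CLAIMS = [{"claim": "C-17", "ssn": "000-12-3456"}]

RULES = {"ssn": lambda v: mask_digits(v, "ssn"), "card": mask_pan}

if __name__ == "__main__":
    for row in mask_table(CUSTOMERS, RULES) + mask_table(CLAIMS, RULES):
        print(row)
```

Because the replacement is keyed, anyone holding the key can recompute the mapping for a guessed input, so the key is as sensitive as the production data.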
Vulnerability
The number of database vulnerabilities is vast, and hackers can exploit even the smallest window of opportunity. It's important to understand vulnerabilities from all angles and develop an approach to protecting against them. Common database vulnerabilities include back-level patches, misconfigurations and system default settings.
How can you streamline this process to PROVE compliance, PREVENT attacks and MONITOR your virtualized and cloud environments?
Alerts of suspicious activity: Ensure your solution alerts your organization of unusual network activity, for example – multiple failed logins from one IP address could indicate someone is trying to hack into your environment.
Audit reporting and sign-offs: The ability to report user activity – and detect any unauthorized activity; database object creation & configuration – and if it could impact data protection; entitlements – ensure user access to data is in line with their user role.
Separation of duties: Ensure the user that creates the security policies is independent of the user that reports when these policies are applied – checks & balances
Trace users between applications, databases: Ensure application information isn’t accessed via a “back door”; track how users are accessing sensitive data.
Sign-off and escalation procedures: Automate the sign-off and escalation procedures when suspicious activity is detected, so that it can be quickly resolved.
Integration with enterprise security systems (SIEM): Ensure your solution integrates with your organization’s overall security event manager (centralize storage and interpretation of logs/events generated by the various software running on your network).
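The "multiple failed logins from one IP address" alert described above, as an added example (not Guardium code or output). The audit line format, the threshold and the window are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample audit lines; the format is an assumption for this example.
SAMPLE_AUDIT = """\
2013-07-01T10:00:00 LOGIN_FAILED user=dba1 client_ip=10.0.0.5 db=orders
2013-07-01T10:00:05 LOGIN_OK user=app client_ip=10.0.0.9 db=orders
2013-07-01T10:00:10 LOGIN_FAILED user=sa client_ip=10.0.0.5 db=orders
2013-07-01T10:00:20 LOGIN_FAILED user=root client_ip=10.0.0.5 db=orders
2013-07-01T10:00:25 LOGIN_FAILED user=app client_ip=10.0.0.9 db=orders
2013-07-01T10:00:30 LOGIN_FAILED user=admin client_ip=10.0.0.5 db=orders
2013-07-01T10:00:40 LOGIN_FAILED user=admin client_ip=10.0.0.5 db=orders
2013-07-01T10:30:00 LOGIN_FAILED user=dba1 client_ip=10.0.0.5 db=orders
this line is malformed and must be skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<event>LOGIN_FAILED|LOGIN_OK) "
    r"user=(?P<user>\S+) client_ip=(?P<ip>\S+) db=(?P<db>\S+)$"
)


def parse(lines):
    """Yield (timestamp, event, user, ip) for each well-formed line."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # a real pipeline would count and report rejects
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S")
        yield ts, m["event"], m["user"], m["ip"]


def failed_login_alerts(lines, threshold=4, window=timedelta(seconds=60)):
    """Alert once per burst when one IP reaches `threshold` failed logins
    inside `window`. Lines are assumed to arrive in time order."""
    recent = defaultdict(deque)   # ip -> (timestamp, user) of recent failures
    alerting = set()              # IPs already reported for the current burst
    alerts = []
    for ts, event, user, ip in parse(lines):
        if event != "LOGIN_FAILED":
            continue
        q = recent[ip]
        while q and ts - q[0][0] > window:
            q.popleft()           # drop failures that fell out of the window
        if not q:
            alerting.discard(ip)  # a quiet period ended the previous burst
        q.append((ts, user))
        if len(q) >= threshold and ip not in alerting:
            alerting.add(ip)
            alerts.append({
                "client_ip": ip,
                "failures": len(q),
                # Many distinct users from one IP suggests account guessing.
                "users": sorted({u for _, u in q}),
                "first_seen": q[0][0],
                "last_seen": ts,
            })
    return alerts


if __name__ == "__main__":
    for alert in failed_login_alerts(SAMPLE_AUDIT.splitlines()):
        print(alert)
```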
Securing and protecting data is both an external AND internal issue.
External threats are usually in the form of malicious attacks to your systems from hackers and thieves. Internal threats are more difficult to define/prevent:
Some data breaches can be unintentional – sensitive data accidentally available on a public site; third-party developers leveraging private data in multiple test environments.
But some breaches are due to individuals leveraging their “power user” or authorized access to databases to search & collect data that is not relevant to their business duties. For example, the health organizations recently fined for accessing Michael Jackson’s health records after his death.
So, Guardium’s original charter was in-depth handling of all aspects around the protection of critical data in databases. We are expanding this charter to protecting data everywhere (structured and non-structured), including applications. Our differentiation is our approach for real-time monitoring of data flows rather than just the after-the-fact auditing analysis. The benefit of this approach is that it helps customers:
First, protect against and prevent data breaches and fraud, from both internal and external sources, especially privileged users.
Second, it helps them control access to sensitive enterprise data (such as what is controlled through SAP, PeopleSoft, etc., and even some unstructured document data), thus assuring data governance.
Third, it streamlines the process for compliance around data protection. Guardium provides the tools to slash compliance cost, by automating and centralizing the controls you need to comply with a variety of mandates, such as SOX or PCI. Because of our extensive heterogeneous support, this can be accomplished across all popular databases and applications, ensuring you can deploy a single solution enterprise-wide.
A fourth value proposition is focused on being enterprise ready.
What it means is the ability to scale Guardium in an efficient, and cost effective manner.
With every release, Guardium introduces significant improvements in scalability, integrations and automation-related features, with one goal in mind: streamline the administration, configuration and usage of the solution in large environments.
We will touch more on this as we dive deeper into version 9 and the technical details.
Let's take a quick look at how Guardium achieves these benefits:
It does this using a single integrated, virtualizable appliance, which can be configured as a Collector, a Central Policy Manager, or a Vulnerability Assessment Server with the simple use of license keys. The key to monitoring non-intrusively is the S-TAP, a lightweight kernel shim that sits on the DB server and taps all DB traffic (operations, data, errors; inbound and outbound). Basically, Guardium is a gateway to all data flows. No DB, app, or network changes are necessary. All this traffic is collected at the Collector, which runs policy against it and provides real-time alerting. If you also want to control or block traffic, the S-TAP can be configured as an SGATE. The Central Policy Manager is the central point of control for all collectors.
You may notice that all major DB infrastructures and some major applications are supported. This is where Guardium provides extra value-add: an in-depth understanding of all these protocol and schema differences.
The appliances can be configured in a grid that is dynamically scalable and extends to support even virtualized and cloud environments. Need to expand your environment? Add more probes and collectors. The S-TAP takes at most a 2% performance hit on DBs, which is much less than turning native auditing on, with the additional benefit of separation of duties (SOD), since the DB admin does not have control over the appliance and cannot affect its audit collection.
The appliance is easily deployable, and it discovers not only the DBs, but also the sensitive data and objects within them. It can even relate these objects to certain applications like SAP, PeopleSoft, Siebel, SharePoint, etc. This gives customers a quick overview of their current entitlements, which enables them to control privileged access.
Once setup, the Collector or Central Policy Manager can gather all the audit information in a normalized format (like an SIEM for DBs). The Vulnerability Assessment tool will scan these DBs and DB Servers for needed patches or configuration hardening, based on periodically updated vulnerability templates. All this information (configuration, vulnerability, audit) can easily be packaged and reported for the major regulations. We have pre-packaged modules for each major regulation.
And to the part that may interest you the most, Guardium can readily integrate with several Security and Systems Management solutions, providing a complementary in-depth view of the database security posture.
The Guardium appliance is hardened, by which we mean that there is no root access allowed to the data stored there.
The heavy lifting of parsing and logging data traffic is done there. The appliance is easily deployable.
Once set up, the Collector can gather all the audit information in a normalized format (like an SIEM for DBs). The Vulnerability Assessment tool will scan these DBs and DB servers for needed patches or configuration hardening, based on periodically updated vulnerability templates.
S-TAP agents are very lightweight. They require no changes to the database or applications. Collectors (the appliance) handle the heavy lifting (parsing, logging, etc.) to reduce the impact on the database server. They are OS-specific (e.g., Linux, Windows). The S-TAP listens for network packets between the DB client and the DB server. The Guardium admin configures each S-TAP to listen to the correct database ports and to interpret the specific type of database that Guardium needs to listen for. These configurations are called ‘inspection engines’. There is also an automatic discovery process that does the DB discovery for you and configures the inspection engines with the correct ports. The S-TAPs monitor ALL access, whether via the network (TCP) or local connections (Bequeath, shared memory, named pipes, etc.). A privileged user working on the server console won’t be detected by any solution that only monitors network traffic, so be careful of SPAN-port-only solutions.
The GUI is web-based and is customized out of the box for different roles, such as PCI auditor. It’s also quite customizable, with the ability to add and delete portlets for specific functions. Those customizations can be rolled out to others.
So how does InfoSphere Guardium work in virtual and cloud environments? It works seamlessly.
In this example, let's say you want to manage your hardware more efficiently. You decide to reduce the number of physical servers you have and create virtual machines for your database instances. The good news is that the InfoSphere Guardium database security offerings follow your virtual machines. The InfoSphere Guardium Database Activity Monitor, the InfoSphere Guardium Vulnerability Assessment solution and the InfoSphere Guardium Database Encryption Agent are installed at the operating system level. No extra provisioning, configuration or installation is required. We refer to this as a “snap-in” model.
In addition, the InfoSphere Guardium Collector, which stores the logs from the database activity monitor, can also be virtualized on the same hardware or on a different piece of hardware as required. As new virtual machines come online, they will be able to automatically discover the InfoSphere Guardium Collector. There is no need to do additional configuration as your enterprise expands. The S-TAP process monitors all transactions into and out of the database and sends this information to the virtual machine containing the collector.
Also, the InfoSphere Guardium Database Encryption Expert Security Server can communicate with the virtual encryption agent with no problem, no matter how many new encryption agents come online. The security administrator sets the security and key policies via the InfoSphere Guardium Encryption Expert Data Security Server, and updates are automatically sent to the agents running on virtual machines across the cloud.
Now sometimes when we begin to consult with clients about database security we are questioned about the need for it, given the fact that most organizations have invested in firewalls and IPS to secure their perimeter. However, perimeter security isn’t sufficient to protect your databases. Hackers have shown themselves adept at exploiting vulnerabilities and other techniques to slip through and compromise your databases. So database security is of high importance.
Leveraging the Guardium portfolio, you can achieve the following benefits:
Database activity monitoring to understand 100% of database transactions and document who, what, when and how of database transactions
Data encryption to protect the actual data itself to protect against accidental disclosure or hackers
Database vulnerability assessments to understand weaknesses in your database running as a virtual machine, for example misconfigurations, use of default settings or back-level patches
Assure compliance – InfoSphere Guardium comes complete with regulatory accelerators including SOX and PCI DSS, you can monitor the database activity relevant for each mandate
Using the InfoSphere Guardium portfolio you can set up access policies for each of your virtual machines running instances of DB2 or another database. This way you can control who and what accesses database resources. If an unauthorized access occurs, you can take action: for example, terminate the connection or send an alert.
Think about the existing database security and privacy solutions you have in place today. Will they scale across your virtual environment?
When choosing security and privacy solutions, pick those which work in a virtual and cloud environment without any special setup, configuration or added expense. Many security and privacy solutions are dependent on network resources or monitor certain physical assets like ports. Choose solutions that follow the virtual machine, scale across physical, virtual and cloud infrastructures, and don’t require any special changes for virtual and cloud environments.
Guardium would not be a complete data security solution if it only covered a few databases, so we have expanded our scope from all major databases, to data warehouses (also Big Data), ECM, file systems, and now to Big Data environments based on Hadoop, such as IBM InfoSphere BigInsights and Cloudera. We aim to satisfy all data security and compliance needs in heterogeneous and large scale environments.
MongoDB (2.2.3)
Cassandra (1.2.2)
GreenplumDB (4.2) –EMC DW
HortonWorks (1.2.1)
CouchDB (1.2.1)
Safeguarding information is required by numerous legal and corporate mandates. Developing a holistic data protection approach while at the same time managing resource costs, requires organizations to invest in solutions which span physical, virtual and cloud environments.
To ensure data is protected in virtualized and cloud environments, organizations need to understand what data is going into these environments, how access to this data can be monitored, what types of vulnerabilities exist and how to demonstrate compliance. Protections should be built into virtual and cloud environments from the start.
IBM InfoSphere Guardium can help support your cloud and virtualization strategy with:
Virtualized database activity monitoring, database vulnerability assessments, data redaction and data encryption
Automatic discovery and classification of data in the cloud
Static and dynamic data masking to ensure a least privileged access model to cloud resources
Audit and compliance reports customized for different regulations to demonstrate compliance in the cloud
InfoSphere Guardium provides a single comprehensive solution for physical, virtual and cloud infrastructures through centralized, automated security controls across heterogeneous environments. InfoSphere Guardium helps streamline compliance, improve productivity, manage data access and manage database vulnerabilities.
There are many, many other examples of successful InfoSphere Guardium deployments. InfoSphere Guardium is the most widely deployed Database Auditing and Protection solution. They span across top customers in all verticals and continents, for example:
(Review a few of the highlights from the slide)
Created July 2013
Santiago Stock Exchange – Bolsa Comercio Santiago
Client Overview
The third largest market in Latin America behind Mexico and Brazil. Provides back office services for custody, billing, statements, and accountability. The Santiago Stock Exchange in Chile provides “software-as-a-service” environment
Santiago Stock Exchange relies on a wide range of electronic trading and information systems as well as capital and portfolio management applications, to support its daily business operations.
Business Need:
Maintain the data integrity and protect the confidentiality of data generated by its core applications and systems to comply with government regulations in a “software-as-a-service” environment
Implement a security solution that would enable it to define access policies and monitor the connections to its core systems and applications without inhibiting performance or availability.
Benefits:
Provides comprehensive database monitoring and automated audit reporting, without affecting application performance
Automatically audits data access, supports compliance with government regulations for data security, and helps avoid costly sanctions for non-compliance
Monitors all user activity, even privileged users, and limits database access to only those who are authorized
Solution Components:
Software
IBM InfoSphere Guardium Database Activity Monitor
Case Study Link: http://www-01.ibm.com/software/success/cssdb.nsf/cs/RMUE-8VLCS6?OpenDocument&Site=corp&ref=crdb
“The name of the service is trust. So our clients have to be sure that their data are highly protected. So the responsibility of the Santiago Stock Exchange is to maintain the data in a very secured environment.” — André Araya Falcone, Chief Information Officer, Santiago Stock Exchange.
Leading Healthcare Payer
Client Overview
Leading healthcare payer organization with more than 500,000 members.
The IT infrastructure includes nearly 50 database instances in production, staging, test, and development environments. These databases support a range of financial, customer, and patient applications.
Business need:
Need to implement database auditing to support compliance with Sarbanes Oxley (SOX) and Health Insurance Portability and Accountability Act (HIPAA).
Find a cost effective means of implementing controls to protect sensitive data and validating compliance with multiple mandates.
After inquiring with Gartner and Forrester Research, this organization evaluated multiple vendors and chose the IBM InfoSphere Guardium solution.
Benefits:
Monitors user access to critical financial, customer, and patient application databases, including privileged users
Centralizes and automates controls and regulatory reporting across distributed heterogeneous database environments
Provides proactive security via real-time alerts for critical events without affecting performance or requiring changes to databases or applications
Solution Components:
Software:
IBM InfoSphere Guardium Database Activity Monitor
Case Study Link: http://www-01.ibm.com/software/success/cssdb.nsf/cs/JHAL-8DMUU6?OpenDocument&Site=corp&ref=crdb
There are currently two Guardium certification tests. If you are looking into taking an IBM professional product certification exam, you may look into taking the 000-463 certification (http://www-03.ibm.com/certify/tests/ovr463.shtml). Upon completion of the 000-463 certification, you will become an IBM Certified Guardium Specialist (http://www-03.ibm.com/certify/certs/28000701.shtml). The certification requires deep knowledge of the IBM InfoSphere Guardium product. It is recommended that the individual have experience in implementing the product before taking the exam. The detailed topics are listed at http://www-03.ibm.com/certify/tests/obj463.shtml, and the details of each topic are covered in the product manuals. You will also find the Guardium InfoCenter a useful resource when you prepare for the exam: http://publib.boulder.ibm.com/infocenter/igsec/v1/index.jsp
Data is a key part of the IBM security framework, and not only in the way we are covering data on the cloud: there is a whole set of security solutions, including security and analytics, that also have a cloud presence for the cloud, which means we are managing security for customers who want to secure their interaction with the cloud.
From the cloud – the capability we have available from the cloud.
We have a concerted effort to have this be an extension of your IT security into the cloud.
Again, we put the Guardium agents both on the Mongos (routing server/map-reduce) and the distributed shards.
In the same way that we support DBs and Hadoop, we minimally affect performance of the access traffic, yet we collect rich audit information and monitor against policy, with the added benefit of separation of duties (SOD).
*****************************
InfoSphere Guardium uses a real-time monitoring architecture. The key to the architecture is the use of S-TAPs, software taps, that sit on the Mongo servers. These S-TAPs are nonintrusive, have very low overhead and require no server configuration changes. The S-TAP streams network packets to a separate, hardened software or hardware appliance called a collector, where they are stored in an internal repository. There are prebuilt reports for most activities that can be easily customized using the report builder. Real-time alerts can be generated and sent via email or forwarded to a security intelligence and event management system such as IBM QRadar, ArcSight …
Additional details.
The main events covered include:
Operations against the HDFS – whether HDFS commands issued from command line or HDFS operations that come from map reduce jobs or hive queries
Requests for MapReduce jobs: who ran it, when, from what client IP.
Errors and exceptions
Hive queries and HBase operations
Of the databases which are vulnerable and used for production purposes, we need to encrypt the data. Requirement 3 of PCI DSS “Protect stored cardholder data” requires production data to be encrypted.
Encryption helps:
Ensure broad threat protection
Lost or stolen media
Unauthorized file sharing
Privileged user abuse
Data leakage / unauthorized access
File protection: backups, log, configuration, executable
Help satisfy compliance requirements
PCI DSS
Corporate / internal mandates
Promote separation of duties
Security management
Technical staff
Business owners
Develop defense in depth strategy
The InfoSphere Guardium solution was one of the first database security solutions on the market, so we have over a period of years been able to build in virtually all the functions needed to secure databases and validate compliance throughout the whole security lifecycle.
With an understanding of how the solution works, let’s take a look at how it can simplify and automate a variety of important tasks. We’ll see that Guardium can help with the data security process by:
Discovering the data environment composition : you cannot govern what you do not understand. Find un-catalogued databases and sensitive information.
Helping understand the security/risk posture and hardening the data environment. Discover actual entitlements to data and objects, to help eliminate unwanted privileges and reduce the cost of managing user rights. Vulnerability & Configuration Assessment Architecture.
And finally, maintaining security and compliance on a continuous basis by monitoring all transactions, automating controls to protect our sensitive data, and simplifying the process of capturing and utilizing the data needed to validate compliance with a wide variety of mandates. Cross-platform policies and auditing for enterprise-wide deployment. Fine-Grained Policies with Real-Time Alerts. Prevent policy violations in real-time (blocking). Expanding Fraud Identification at the Application Layer. Identify inappropriate use by authorized users. Automate oversight processes to ensure compliance and reduce operational costs
International Telecommunications Company
Client Overview
Leading international telecommunications organization had systems managed by a well-known global systems integrator.
Business Need:
Monitor access to sensitive customer data in thousands of Operational Support (OSS) and Business Support (BSS) databases in data centers across a wide geographical area.
Need to enforce data privacy policies and automate audit reporting to support regulatory compliance requirements
Benefits:
Monitors OSS and BSS database activity in real-time across heterogeneous operating environments in 16 data centers
Automates audit reporting and provides detailed audit trail of all access to sensitive data
Provides real-time blocking and alerts to help ensure that privacy policies are strictly enforced
Solution Components:
Software
IBM InfoSphere Guardium Database Activity Monitor
Case Study Link: http://www-01.ibm.com/software/success/cssdb.nsf/cs/JHAL-8DMTGN?OpenDocument&Site=corp&ref=crdb