The world depends more than ever on highly sensitive digital information—from customer credit cards to electronic health records to classified government data—and this confidential information is an increasingly attractive target for criminals.
Top data protection challenges
· Where is my sensitive data - and who’s accessing it (including privileged users)?
· How can I enforce access control and change control policies for databases?
· How do I check for vulnerabilities and lock-down database configurations?
· How do I reduce costs by automating and centralizing compliance controls
Today’s attackers bypass traditional perimeter defenses by exploiting web application vulnerabilities, such as by SQL injection, or by leveraging stolen administrative credentials to compromise backend databases. Staying a step ahead of these sophisticated attacks requires a comprehensive, layered approach to data security software that helps organizations identify anomalies and take action before any serious damage can occur. By integrating data monitoring and vulnerability assessment with overall security intelligence, organizations can uncover hidden relationships and security data classification within massive amounts of security data. The analytics can extend across the entire IT environment, so threats against traditional databases as well as unstructured “big data” sources can be correlated with suspicious activity at the network, infrastructure or application level. This way, millions of security events can be reduced to a manageable list of prioritized incidents with the help of proper data security management and a good data security software.
Comprehensive data protection with IBM InfoSphere Guardium
To secure databases, data warehouses and other platforms, organizations are turning to IBM InfoSphere Guardium for integrated technologies for managing the entire security data and compliance lifecycle. InfoSphere Guardium helps organizations identify where sensitive data exists, continuously monitor and audit data activity, enable security policies— such as automated alerts to respond to security incidents in real time—and assess enterprise database vulnerabilities. InfoSphere Guardium helps organizations understand the who, what, when and how of all database, warehouse, file share. With a complete history of database access, organizations can understand data and application access patterns, prevent data leakage, enforce data change controls and respond to suspicious activities in real time. A secure, centralized repository provides a fine-grained audit trail of all activities. In addition, IT executives can use customizable work-flow automation to generate compliance reports on a scheduled basis, distribute them to oversight teams for electronic sign-offs and escalation, and document the results of remediation activities without the need to enable native auditing functions. By deploying InfoSphere Guardium, organizations can:
●● Prevent data breaches—The IBM solution can help protect sensitive data from both internal and external sources, including privileged users(security data access).
●● Ensure data integrity—Data access controls can help prevent unauthorized changes to data, database structures, configuration files and logs(security data breach,security data file protection,security data integrity).
●● Reduce compliance costs—By automating and centralizing data protection, organizations can streamline audits across heterogeneous environments and reduce the cost of compliance(security data centre).
While InfoSphere Guardium provides the database perspective on identifying anomalies and subtle indicators of attack, a security intelligence platform can combine that analysis with data generated by users, applications and infrastructure. As a result, organizations get prioritized, actionable insights into potential offense sources across the environment so they can:
· Enhance business agility and resiliency by automating security and privacy
· Improve data security features and mitigate risk by reducing fraud and cost of compliance requirements
· Gain enterprise-wide security intelligence to defend against persistent threats
Real-time database security and database activity monitoring
• Find and classify sensitive data in corporate databases(security data handling).
• Assess database vulnerabilities and configuration flaws.
• Ensure that configurations are locked down after recommended changes are implemented.
• Capture and examine all database transactions, including local access by privileged users —for all supported
platforms and protocols — with a secure, tamper-proof audit trail that supports separation of duties.
• Track activities on major file sharing platforms.
• Monitor and enforce policies for sensitive data access, privileged user actions, change control, application user activities and security exceptions such as login failures.
• Automate the entire compliance auditing process —including report distribution to oversight teams, sign-off and escalations — with preconfigured reports for SOX, PCI Data Security Standard (DSS) and data privacy.
• Create a single, centralized audit repository for enterprise-wide compliance reporting, performance optimization, investigations and forensics.
• Easily scale from safeguarding a single database to protecting thousands of databases in distributed data centers around the world.
Scalable multi-tier architecture(
A scalable multi-tier architecture supports large and small environments, with centralized aggregation and normalization of audit data and centralized management of security policies enterprise wide. S-TAPs are lightweight, host-based probes that are able to monitor database traffic, including local access by privileged users, and relay it to InfoSphere Guardium collector appliances for analysis and reporting. Collector appliances gather monitored data from S-TAPs or by connecting directly to SPAN ports in network switches. Aggregators automatically assemble audit data from multiple collector appliances. Multiple tiers of aggregators can be configured for greater flexibility and scalability. Implemented as an extension to S-TAP, the InfoSphere Guardium Data-Level Access Control strengthens security and enforces separation of duties by blocking DBAs from creating new database accounts, elevating privileges for existing accounts and more.
InfoSphere Guardium is a complete database security software which enables us to use the features available in it for database security management.
InfoSphere Guardium is part of the IBM InfoSphere integrated platform for defining, integrating, protecting and managing trusted information in your systems making informaion risk free. The InfoSphere Platform provides all the foundational building blocks of trusted information, including data integration, data warehousing, master security data management system, and information governance, all integrated with a core of shared metadata and models. The portfolio is modular, so you can start anywhere and mix and match InfoSphere software building blocks with components from other vendors, or choose to deploy multiple building blocks together for increased acceleration and value. The InfoSphere platform is an enterprise-class foundation for information-intensive projects, providing the performance, scalability, reliability and acceleration needed to simplify difficult challenges and deliver trusted information to your business faster.
No comments:
Post a Comment