Data security and privacy

Secure, monitor, audit and protect sensitive data

Protection for structured, unstructured, online and offline data.

IBM® Security data security and privacy solutions provide a holistic approach that helps prevent data loss while enabling data access to support business operations, growth and innovation. They help you:

Steps to achieving data security:

Understand and classify sensitive data—Understand where data resides, how it is related and how to define security and privacy policies.

Assess vulnerabilities—Detect database vulnerabilities and harden repositories.

  • IBM

    Manage compliance and protect enterprise data

    Discover how you can meet compliance requirements by auditing and protecting enterprise information.

  • IBM

    Encrypting data with confidence, across the enterprise and beyond

    Read this paper and learn how you can reduce complexity, cost and risk with industry-standard encryption key management.

Monitor and audit—Monitor transactions to enforce policies and capture a detailed audit trail.

Prevent unauthorized database activities—Block, quarantine or mask transactions that violate policy. 

Protect sensitive data—Encrypt structured and unstructured sensitive data, mask or redact sensitive data in documents and forms, and encrypt data in storage.

Manage access—Manage privileges and authenticate users to limit data access.

What we offer


Data security and privacy products from IBM Security.

IBM Security data security and privacy products help you ensure regulatory compliance and defend against both internal and external attacks. They can lower storage and data management costs.

IBM Security data security and privacy products include:

IBM InfoSphere Vulnerability Assessment
Scan and detect vulnerabilities on a scheduled basis.

IBM InfoSphere Guardium Data Activity Monitor
Monitor access to databases and automate compliance controls.

IBM InfoSphere Guardium Data Encryption
Encryption capabilities to help safeguard structured and unstructured data for security and compliance.

IBM Security Key Lifecycle Manager
Centralize, simplify and automate encryption key management.

IBM Security Key Lifecycle Manager for z/OS
Centralize, simplify and strengthen encryption key management for mainframe environments.

IBM InfoSphere Guardium Data Encryption for IBM DB2® and IBM IMS™ Databases
Provide encryption and data protection for DB2 and IMS systems.


  • IBM InfoSphere Guardium database activity monitoring

    Protect your sensitive data in distributed DBMS environments

Whitepapers & eBooks

  • IBM

    Three guiding principles to improve data security and compliance

    A holistic approach to data protection for a complex threat landscape

  • Magic Quadrant for Data Masking Technology

    A Gartner analyst report

  • IBM

    Manage compliance and protect enterprise data

    IBM InfoSphere Guardium eBook

  • IBM

    Managing the Entire Database Security and Compliance Lifecycle

    IBM InfoSphere Guardium data sheet (PDF, 3.95MB)


Complete multi-layer data protection with the New IBM InfoSphere Guardium, InfoSphere Guardium Data Encryption and IBM Security Key Lifecycle Manager

Data repositories are the backbone of an organization's operations—powering enterprise applications, supporting financial transactions and internal processes as well as underpinning a multitude of mission critical business analytics processes.

Further, the data contained within these dynamic repositories is both highly regulated and a primary target for internal and external attackers who may use a variety of attack taxonomies to gain access to your data.

The nature of this data and the variety of threats against it requires enterprises to meet strict compliance standards, ensure data integrity and protect sensitive information, within the database, at the file system level and at the storage media level. Achieving this level of security requires a layered, well-focused data-centric security approach.

New cloud and big data environments widen the threat of exposure

These new environments also introduce new risks. Shared, comingled data storage represents one problem common to all environments, while additional privileged user roles add more risk—and the lack of control over the physical infrastructure inherent in these solutions also adds to the problem.

The IBM solution: A comprehensive, multi-layer data protection approach

These data protection challenges can be overcome by using IBM InfoSphere® Guardium® Data Activity Monitor, IBM InfoSphere Guardium Data Encryption, IBM Security Key Lifecycle Manager and IBM Security zSecure™ Audit.

With IBM Data Security, enterprises can now protect data when it is in active use in an application, at a file level and when it is at rest in a database and even at the storage device level.

InfoSphere Guardium provides real-time data security and monitoring, fine-grained database auditing, automated compliance reporting, data-level access control, database vulnerability management, auto-discovery of sensitive data and static and dynamic masking on demand. The new InfoSphere Guardium v9.1 extends these capabilities to big data environments as well

InfoSphere Guardium Data Encryption complements Guardium Data Activity Monitoring capabilities with file-level encryption for critical data containers, policy-based access controls that decrypt information only for authorized processes and users and file-level data access logging and alerting.

IBM Security Key Lifecycle Manager v2.5 empowers organizations to take an integrated approach to encryption key management for protecting active as well as archived data. It can manage encryption keys not only for IBM storage devices, but also for standards-based devices from other vendors—including Emulex, Brocade, Network Appliance and Thales. Plus, it provides quick time to value with an intuitive interface and lightweight architecture.

For the mainframe:

IBM® Security zSecure Audit gathers and analyses data security information and creates customized audit reports that includes IBM DB2®, IBM IMS™ and IBM CICS® event data. New integration support sends RACF DB2 authorization information to Guardium Vulnerability Assessment for analysis.

Not in United States?

Contact IBM

Considering a purchase?

IBM X-Force Threat Intelligence Quarterly – 1Q 2015

Learn how designer vulns and made-to-order malware showed the cracks in the foundation of the internet

Read the latest report

Concerned about visibility and control in the cloud?

  • Adopt cloud with confidence using IBM Dynamic Cloud Security

    Learn more

Data security and privacy resources

Demos and Videos

IBM InfoSphere® Guardium® Data Security Library

Access ebooks and white papers about protecting big data and other topics.

Same product, new name!

The product you selected is now offered under a new name. The product page you will be taken to will reflect this new name.