IBM® Security® Guardium® Data Protection for Files – formerly IBM Security Guardium Activity Monitor for Files, but now with streamlined packaging – provides activity monitoring for sensitive data in files and file systems, provides cognitive analytics to discover unusual activity around sensitive data, prevents unauthorized data access, provides alerts on suspicious activities, automates compliance workflows, and protects against internal and external threats. Continuous monitoring and real time security policies protect unstructured data across the enterprise without changes to file systems or applications or performance impacts. It provides insight into your document and file contents and usage patterns. IBM Security Guardium Data Protection for Files lets you discover, track, and control access to sensitive files on either local or networked file systems.
IBM Security Guardium Data Protection for Files can help you meet compliance obligations and reduce the risks of major data breaches.
- Uncover internal and external risks to sensitive data.
- Automated discovery and classification of sensitive data.
- Monitor and audit all data activity - across your enterprise file systems.
- Enforce security policies in real time—for all file access, change control and user activities.
- Create a centralized repository of audit data—for enterprise compliance, reporting and forensics.
- Safeguard sensitive data across heterogeneous environments—all leading platforms, file shares and operating systems.
- Readily adapt to changes in your data environment – whether you are adding new users, new technologies, or adjusting to expanding data volumes and workloads.
- Pairs with IBM Security Guardium Data Protection for Databases and IBM Security Guardium Data Protection for Big Data environments for integrated, enterprise-wide monitoring of and control over sensitive data.
Monitor and audit all data activity
- Understand and develop complete visibility into all transactions on your file system, attached and removable storage by users, developers, outsourced personnel and applications.
- Identify users who attempt unauthorized access.
- Provide user and application access monitoring independent of native operating system logging and audit functions.
- Improve data security by detecting unusual file and document read and write activity.
- Inventory all files and metadata to provide a clear picture of your unstructured data landscape.
- Automate sensitive data discovery and classification.
Enforce security policies in real time
- Monitor and enforce security policies for sensitive unstructured data access, privileged user actions, and change control.
- Use access policies to identify anomalous behavior such as mass copy and deletion of files and directories, detect spikes in file access activity by user, get alerted when monitored files are accessed improperly.
- Support policy-based actions such as auditing, near real time security alerts, read and write blocking.
Create a centralized repository of audit data
- Aggregate data throughout your enterprise for compliance auditing and reporting, correlation and forensics without enabling native operating system audit functions.
- Provide a tamper-proof audit trail that supports the separation of duties required by auditors.
- Deliver customizable compliance workflow automation to generate compliance reports and distribute them to oversight teams for electronic sign-offs and escalation.
Support heterogeneous environments
- Monitor and audit activity on file systems, attached storage, and removable devices.
- Support enterprise operating systems including Microsoft Windows, UNIX, and Linux.
- Discover and classify sensitive enterprise data for all platforms and most file types.
- Monitor and prevent unauthorized access for all file types.