IBM® Security Guardium Express Data Protection for Databases – formerly IBM® Security Guardium Express Activity Monitor for Databases, now with streamlined packaging – enables you to analyze, protect and adapt to support data activity monitoring that addresses compliance requirements for data access mandates. The preconfigured software offers automatic discovery and classification of sensitive data, real-time activity monitoring, centralized compliance management for database environments, and delivers automated compliance workflow and activity reporting.
IBM Security Guardium Express Data Protection for Databases supports data activity monitoring (DAM) for distributed database repositories. It provides a non-intrusive, transparent and secure way to continuously monitor database activity, trigger pre-set real-time alerts on suspicious activities, and generate detailed audit logs for compliance reporting.
IBM Security Guardium Express Data Protection for Databases helps:
- Discover and classify sensitive data.
- Streamline compliance efforts using preconfigured policies, reports and alerts.
- Monitor and audit data activity in database environments in real time.
- Seamlessly expand functionally and operationally as your security requirements grow.
Discover and classify sensitive data
- Discovers your databases, and sensitive data within them.
- Automatically updates access policies when sensitive data is found.
Streamline compliance efforts
- Creates normalized database audit records without affecting the database or application performance, and without requiring native database auditing logs.
- Automatically report on the security posture against database access policies.
- Captures database activity in real-time, and uses preconfigured policies and reports to automatically respond to data relevant sections of key regulations.
- Helps teams ensure the right people get the right reports at the right time for signoff.
Monitor and audit data activity in real-time
- Provides visibility into all transactions by users including database administrators, developers, outsourced personnel and applications.
- Identifies application users who make unauthorized changes from common service accounts.
- Provides user and application access monitoring and auditing that is independent of native database logging and audit functions.
- Monitors security policies for sensitive data access, privileged user actions, change control, application user activities and security exceptions.
- Supports exception policies based on definable thresholds such as SQL errors.
- Supports policy-based actions such as real-time security alerts, including sending alerts to SIEM solutions.
- Allows traffic to be blocked whenever data access attempts are made that violate your data security policies.
Expand seamlessly as you grow
- Supports centralized log collection and management and seamless load balancing that minimizes administrative involvement as the environment changes.
- Allows you to address compliance requirements and then upgrade to support broader data security requirements as needed to create and maintain a centralized data security and compliance solution.
- Expand to include more types of users and support role management.
- Extends to additional data sources using the same platform, as requirements change.
- Upgrade to support tighter security with functions to block data access and, quarantine users or mask results as needed.