IBM® Security Guardium® Data Protection for Databases – formerly IBM® Security Guardium® Data Activity Monitor, but now with simplified packaging – provides data activity monitoring, provides cognitive analytics to discover unusual activity around sensitive data, prevents unauthorized data access, provides alerts on suspicious activities, automates compliance workflows, and protects against internal and external threats. Continuous monitoring and real-time security policies protect data across the enterprise, without changes or performance impacts to data sources or applications. IBM Security Guardium Data Protection is built on a scalable architecture that provides full visibility on data activity across all major databases and data warehouses. It can be combined with IBM Security Guardium Data Protection for Big Data and IBM Security Guardium for Files for expanded monitoring and protection of sensitive data across the enterprise. For organizations supporting z/OS environments, IBM also offers IBM Security Guardium Data Protection for z/OS.
- Uncover internal and external risks to sensitive data.
- Automated discovery and classification of sensitive data (within databases and data warehouses).
- Monitor and audit all data activity.
- Cognitive analytics and specialized threat detection analytics – automatically discover internal and external threats.
- Enforce security policies in real time—for all data access, change control and user activities.
- Create a centralized normalized repository of audit data—for enterprise compliance, reporting and forensics.
- Safeguard sensitive data across heterogeneous environments.
- Readily adapt to changes in your data environment – whether you are adding new users, new technologies, or adjusting to expanding data volumes and workloads.
Monitor and audit all data activity
- Understand and develop complete visibility into all transactions for all platforms and protocols by users including database administrators, developers, outsourced personnel and applications.
- Identify application users who make unauthorized changes from common service accounts.
- Provide user and application access monitoring independent of native database logging and audit functions.
- Improve data security leveraging analytics to detect unusual data access patterns.
Enforce security policies in real time
- Monitor and enforce security policies for sensitive data access, privileged user actions, change control, application user activities and security exceptions.
- Use outlier detection analytics to identify anomalous behavior by automatically comparing data activity to a normal behavior baseline.
- Support exception policies based on definable thresholds such as SQL errors.
- Use extrusion policies to examine data leaving the database for specific value patterns such as credit card numbers.
- Support policy-based actions such as near real time security alerts, traffic blocking, and user quarantines.
Create a centralized repository of audit data
- Aggregate and normalize audit data throughout your enterprise for compliance reporting, correlation and forensics without requiring native database audit functions.
- Provide a tamper-proof data access audit trail that supports the separation of duties required by auditors.
- Deliver customizable compliance workflow automation to generate compliance reports and distribute them to oversight teams for electronic sign-offs and escalation.
Support heterogeneous environments
- IBM Security Guardium Data Protection for Big Data monitors and audits key Big Data environments (Hadoop or NoSQL) such as IBM InfoSphere BigInsights™, Cloudera, Hortonworks, Pivotal, MongoDB and Cassandra.
- IBM Security Guardium Data Protection for Databases supports enterprise databases or datawarehouses running on major operating systems including IBM DB2®, Oracle, Teradata, Sybase, Microsoft SQL Server, running on Windows, UNIX, Linux, AS/400, and z/OS.
- Support key enterprise resource planning and customer relationship management applications as well as custom and packaged applications.
Readily adapt to changes in your data environment
- Create an agile and adaptive data protection environment that adjusts as new users, platforms and types of data are added.
- Scale tot any size data protection effort with a flexible and tiered approach including seamless load balancing and self monitoring.
- Streamline administration and deployment of data security and compliance with a business centric user experience and automated tasks.