WALTHAM, Mass. -- Guardium, the database security company, today unveiled Universal Local-Access Monitoring, the first non-invasive solution for tracking privileged insider activity across all local-access connections such as DB2 shared memory, named pipes and Oracle Bequeath (BEQ).
These back-channel connections expose organizations to gaping security and compliance risks from rogue administrators, developers and outsourced personnel. As a result, auditors now require organizations to create independent controls around these connections to rapidly identify unauthorized or suspicious access to sensitive information.
Until now, the only sure-proof way to monitor all local-access activity was to enable native database logging. This approach is impractical, however, because it requires database changes that affect the performance and stability of business-critical applications such as ERP, CRM, and credit card processing systems. It also fails auditors requirements for separation of duties, because database logging is not controlled by IT security personnel and can easily be circumvented by database administrators (DBAs).
Unlike traditional log-reading solutions, Guardiums Universal Local-Access Monitoring provides full visibility into all local connections across all major RDBMS and operating system platforms without risk and performance tradeoffs. By creating a full audit trail of all privileged user activities, including local-access activities, it directly supports key data governance and privacy standards such as Sarbanes-Oxley (SOX) and the Payment Card Industry Data Security Standard (PCI DSS).
Guardiums new Universal Local-Access Monitoring solves a very real problem for IT security personnel who are responsible for monitoring privileged users and ensuring the privacy and integrity of corporate data, said Jon Oltsik, senior analyst, Enterprise Strategy Group (ESG). The combination of all-inclusive network and local-access monitoring provides an advanced level of oversight and control that helps enterprises both enforce policies and demonstrate compliance.