Today, organizations are struggling to manage a variety of complex data security threats, from misuse by insiders or cyber criminals outside the company. Combined with an increase in corporate security compliance policies, clients of all sizes are under pressure to build data security into the fabric of their IT systems.
According to industry estimates, on average, a data breach can cost a company between $100 and $200 per compromised record. Recognizing these challenges, IBM is delivering new software that enables organizations to embed data security and privacy capabilities into all their enterprise databases and applications such as CRM, human resources, ERP, accounting, finance and other applications.
IBM is introducing InfoSphere Guardium 8 which allows organizations to simplify security and compliance regulations with a single set of automated and centralized controls for a broader range of enterprise databases and applications. In addition to its automated monitoring capabilities, the new software also helps clients more easily meet compliance mandates by delivering stronger information governance controls to ensure the privacy and integrity of corporate data while simplifying audits. These new capabilities will also help lower compliance costs across all of an organization’s high-value data sources.
New features in InfoSphere Guardium include:
Fraud Protection for SAP Systems: From client data to ERP and personnel information, SAP systems often contain sensitive information that must be monitored for compliance and audit purposes. Now, businesses can detect fraud in real-time through the monitoring of all user activities at the application layer, including activities by administrators and outsourced personnel. The new release of InfoSphere Guardium provides more detailed information about SAP users, making it easier for businesses to detect fraudulent activities without making any changes to their databases or applications.
Protection of SharePoint files: SharePoint repositories often contain sensitive information such as corporate financial results and valuable intellectual property such as product design data, but they do not have the necessary controls to prevent misuse by insiders. Now, for the first time, businesses have continuous real-time monitoring controls making it easier to detect unauthorized access to SharePoint repositories.
Support for the Mainframe: An often overlooked, yet critical aspect of database security is real-time monitoring and auditing controls for database and system administrators. IBM now offers enhanced database activity monitoring capabilities for IBM DB2 databases running on System Z, allowing businesses to protect critical information from unauthorized access by administrators. For example, if a database administrator at an insurance company tries to access a client's social security number, salary and medical history, the system will immediately generate an alert for security and compliance personnel. The new version of InfoSphere Guardium 8 leverages IBM-developed mainframe technology to capture all database transactions with minimal performance impact.
Additionally, businesses can now perform a series of automated tests to assess security vulnerabilities such as weak permissions that could leave the organization open to data loss or failed compliance audits. InfoSphere Guardium also provides monitoring and assessment capabilities for non-IBM database platforms executing on the mainframe such as Oracle for Linux on System z.
Improved Compliance and Audit processes: A critical part of any audit is the ability to demonstrate that compliance and exception reports have been reviewed by oversight teams and appropriate actions taken. With the new software, businesses will have improved flexibility to define custom workflows and share specific audit information with relevant audiences in their organizations. Together with the software's pre-packaged report templates for common regulations such as SOX, HIPAA and PCI, this capability will help businesses save time and money by significantly reducing time required to gather and report on compliance data required by auditors.
Advanced Blocking and Quarantining: In the event of unauthorized or suspicious activity, businesses can selectively block individual users from accessing the system for a specified period of time, avoiding the loss of valuable data until the activity can be investigated. For example, if a customer service representative looks up hundreds of credit card numbers within an hour he or she would automatically be locked out of the system. Similarly, if a database administrator at a hospital accessed private data on a high-profile patient, that employee’s access to the database would be immediately blocked, without requiring any manual, time-consuming or error-prone changes to critical databases and applications
Integration with Tivoli software: Now, critical security and compliance monitoring information about high-value databases and applications, collected by InfoSphere Guardium software, can be combined with information about other systems and network security devices collected by Tivoli Security Information and Event Management software. This integration provides businesses with an enterprise-wide view of key information that enables them to more easily address information governance across the enterprise.
With new capabilities for System z, SharePoint and SAP along with existing capabilities for protecting heterogeneous database infrastructures including IBM DB2 and Informix, Oracle and Microsoft SQL Server and enterprise applications such as IBM Cognos and PeopleSoft, IBM is now delivering the broadest industry support available for database security, monitoring and compliance.
“From organized crime syndicates stealing credentials and hacking into databases to unauthorized access by employees, businesses are facing an overwhelming volume of sophisticated data security threats,” said Mike Gibbons, principal, Deloitte, a leading system integrator. “Organizations must now implement additional layers of security such as real-time database activity monitoring because traditional perimeter security approaches such as network firewalls and anti-virus systems are no longer sufficient.”
To respond to clients needs to address increasingly complex data and cyber security threats, IBM is steadily building its security portfolio through a mix of organic innovations and acquisitive growth. IBM’s approach is to strategically manage information technology and operational risk end-to end across all areas of information technology security. From organic innovations from IBM Research to acquisitive growth such as the Guardium offerings, IBM offers the broadest set of security and cyber security software and services offerings.
“Data is the new currency for business and safeguarding that investment is a primary concern for businesses across every industry,” said Arvind Krishna, general manager,” IBM Information Management. “IBM is the only vendor that can help clients reduce the complexity of data security across the largest and most diverse data center environments while at the same time reducing the costs associated with regulatory compliance.”
Since 2006, IBM has made 11 acquisitions to expand its range of offerings in the security space. With less than a year since the acquisition of Guardium, that technology and expertise has been rapidly integrated within the broader IBM security portfolio helping businesses secure their critical databases and applications.
With more than 3,500 service consultants, hardware, software that spans a business' entire infrastructure, research and a global network of business partners, no other company can provide the experience and breadth of offerings as IBM to help clients implement company-wide, integrated risk management programs.
This year, IBM launched the IBM Institute for Advanced Security, an initiative that will help clients, business partners and academics better understand and address the cyber security issues that can impact their IT and business systems. Based in Washington D.C., the Institute provides a collaborative environment for public and private sector officials worldwide to tap into IBM’s vast security expertise to more efficiently and effectively secure and protect critical business information threatened by increasingly malicious and costly cyber threats.
IBM Managed Security Services combine infrastructure, experience and expertise to provide constant monitoring and management of security technologies in client environments around the globe. By providing clients with a single management console to view an entire security infrastructure and the ability to manage multiple products from various security vendors, IBM can help simplify security management and maximize existing investments.
Designed to provide clients from around the world with the highest level of around-the-clock protection and service, IBM’s nine global security operations centers are constantly staffed with managed security services professionals. For clients adopting cloud computing, IBM Cloud Security Services offerings harness the power of the IBM Virtual-Security Operations Center platform to deliver high-value services that require little or no security device investment or maintenance.
The IBM InfoSphere Guardium security platform is installed in more than 500 data centers worldwide, including 5 of the top 5 global banks; 4 of the top 6 insurers; 2 of the top 3 retailers; 20 of the world’s top telcos; top government agencies; the most recognized name in PCs; a top 3 auto maker; a top 3 aerospace company; and a leading supplier of business intelligence software.
The IBM InfoSphere Guardium 8 software will be available in mid-September. It is offered as a pre-configured appliance or virtual appliance for rapid deployment and simplified maintenance.