Professional Documents
Culture Documents
DYNAMIC DISTRIBUTED
Data multiplies Data is everywhere,
continuously and across applications
moves quickly and infrastructure
IN DEMAND
Users need to constantly access
and share data to do their jobs
Source: 2014 ‘Cost of Data Breach Study: Global Analysis’, Ponemon Institute
38%
Outsiders
31.5%
Malicious 23.5%
insiders Inadvertent
actors
Guardium VA
Guardium for Applications
Guardium Encryption
Guardium Discovery
Guardium DAM
http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf?CMP=DMC-SMB_Z_ZZ_ZZ_Z_TV_N_Z038
ANALYZE ADAPT
Automatically Seamlessly handle
discover critical data changes within your IT
and uncover risk environment
PROTECT
Complete protection for sensitive
data, including compliance automation
Discovery
Masking Vulnerability Entitlements Activity Blocking Dynamic Data
Classificatio
Encryption Assessment Reporting Monitoring Quarantine Masking
n
Web Apps DB
VSAM
z/OS Datasets FTP
Linux, Unix
Windows
Data Sensitive
Repositories Documents
Application Servers
Guardium
Collector Appliance
Data Servers
(DB, Warehouses, Files, Big Data)
• DISCOVER
• MONITOR
• PROTECT
Guardium
host-based probes • AUTOMATE
Guardium
LOB Marketing Big Collector
Guardium
Data Analytics Collector
STAP Sniffer
Guardium Analysis Engine analyzes,
Sniffer can send parses then logs appropriate data to
Database Server control signals to the internal repository
STAP
Monitoring and
prevention of
unauthorized access
by privileged users
Session Terminated
Privileged User
NEW! •Dynamic Masking and Fine Grained Access Control for databases (DB2, MSSQL, Oracle)
v10
Identification of
user and potential
fraud in application
Application transactions
User
Integration of
compliance process
and auditing role
Auditor
Finance
Human
Resources
Security Event
SMTP, SNMP, Syslog
Management
Default
Username
and
Password
Unknown
Excessive
sensitive
Privilege
data
Implications
Data breach
Non Default
supported settings and Insider Theft
product misconfigur
versions ations
Audit Fail
Un-patched
Databases
Non
Compliance
• DoD STIG
Enforce • CIS
• CVE • Privileges
• Configuration settings
• Security patches
Secure • Password policies
• OS Level file permission
Zero Impact
Performance
Result History
Summary
Filters and
Outlining
Sort Controls
Results
Detailed Detailed
Test Descriptions
Results of Fixes
? ?
File activity monitoring helps you manage access to your unstructured data containing
NEW! critical and sensitive information. Provides complete visibility into activity by
providing extensive compliance and audit capabilities.
Consulting
System Integration
Security Services
Guardium Data
Activity Monitoring
Managed Services
Guardium Vulnerability
Assessment
Outsourcing
Strategic
© 2015 IBM Corporation 34
Guardium & QRadar
Optimizing security while expanding monitoring scope for data sources
Improve analytics performance
by offloading data analysis
Network
Data Application Network Security Servers Mainframe Identity
Database Infrastructure
File Big Data Warehouse
Proven success
Successfully installed in the largest and most challenging
environments in the world
Database Audit Wave:
Reliable IBM #1 Leader -
Both the technology and the company “InfoSphere Guardium offers
support for almost any of the
features one might find in an
Complete auditing and real-time
All data platforms under one roof, easier to manage, faster to deploy protection solution.”
Scalable
Enterprise-ready, lower TCO and clear ROI
(automation, integration and centralization) Data Masking MQ:
IBM #1 Leader -
“Most frequently
Integrated referenced by
- Seamlessly integrated with IT and processes. customers.”
A leading global bank uses An auto manufacturer uses An insurance company deployed
Guardium to analyze and protect Guardium to analyze and protect IBM Security Guardium across 130
data in a dynamic environment data by monitoring and auditing databases in just 3 weeks.
using real-time monitoring of more 500 production databases.
than 5K heterogeneous data They can now get compliance
sources, including Big Data They have increased security, while reports for PCI, SOX, and HIPAA
sources, without affecting the reducing staff security requirements in just a few moments.
performance of critical apps. from 10 FTEs to 1 FTE.
THANK YOU
www.ibm.com/security
© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any
kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor
shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use
of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or
capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product
or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries
or both. Other company, product, or service names may be trademarks or service marks of others.
Legal notices and disclaimers
Copyright © 2015 by International Business Machines Corporation (IBM). No part of this Information concerning non-IBM products was obtained from the suppliers of those
document may be reproduced or transmitted in any form without written permission from products, their published announcements or other publicly available sources. IBM has
IBM. not tested those products in connection with this publication and cannot confirm the
accuracy of performance, compatibility or any other claims related to non-IBM products.
U.S. Government Users Restricted Rights – Use, duplication or disclosure restricted by Questions on the capabilities of non-IBM products should be addressed to the suppliers
GSA ADP Schedule Contract with IBM. of those products. IBM does not warrant the quality of any third-party products, or the
Information in these presentations (including information relating to products that have ability of any such third-party products to interoperate with IBM’s products. IBM
not yet been announced by IBM) has been reviewed for accuracy as of the date of initial EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESSED OR IMPLIED,
publication and could include unintentional technical or typographical errors. IBM shall INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
have no responsibility to update this information. THIS document is distributed "AS IS" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
without any warranty, either express or implied. In no event shall IBM be liable for any The provision of the information contained herein is not intended to, and does not, grant
damage arising from the use of this information, including but not limited to, loss of data, any right or license under any IBM patents, copyrights, trademarks or other intellectual
business interruption, loss of profit or loss of opportunity. property right.
IBM products and services are warranted according to the terms and conditions of the Other company, product, or service names may be trademarks or service marks of
agreements under which they are provided. others. A current list of IBM trademarks is available at “Copyright and
trademark information” www.ibm.com/legal/copytrade.shtml
Any statements regarding IBM’s future direction, intent or product plans are subject to
change or withdrawal without notice. Performance data contained herein was generally
obtained in a controlled, isolated environments. Customer examples are presented as
illustrations of how those customers have used IBM products and the results they may
have achieved. Actual performance, cost, savings or other results in other operating
environments may vary. References in this document to IBM products, programs, or
services does not imply that IBM intends to make such products, programs or services
available in all countries in which IBM operates or does business.
Workshops, sessions and associated materials may have been prepared by independent
session speakers, and do not necessarily reflect the views of IBM. All materials and
discussions are provided for informational purposes only, and are neither intended to,
nor shall constitute legal or other guidance or advice to any individual participant or their
specific situation.
It is the customer’s responsibility to insure its own compliance with legal requirements
and to obtain advice of competent legal counsel as to the identification and interpretation
of any relevant laws and regulatory requirements that may affect the customer’s business
and any actions the customer may need to take to comply with such laws. IBM does not
provide legal advice or represent or warrant that its services or products will ensure that
the customer is in compliance with any law.