How IBM Guardium Data Protection for Databases works
Monitor and audit all data activity
Understand and develop complete visibility into all transactions for all platforms and protocols by users including database administrators, developers, outsourced personnel and applications. Identify application users who make unauthorized changes from common service accounts. Provide user and application access monitoring independent of native database logging and audit functions. Improve data security leveraging analytics to detect unusual data access patterns.
Enforce security policies in real time
Monitor and enforce security policies for sensitive data access, privileged user actions, change control, application user activities and security exceptions. Use outlier detection analytics to identify anomalous behavior by automatically comparing data activity to a normal behavior baseline. Support exception policies based on definable thresholds such as SQL errors. Use extrusion policies to examine data leaving the database for specific value patterns such as credit card numbers.
Accelerate compliance workflows and audit activities
Aggregate and normalize audit data throughout your enterprise for compliance reporting, correlation and forensics without requiring native database audit functions. Provide a tamper-proof data access audit trail that supports the separation of duties required by auditors. Deliver customizable compliance workflow automation to generate compliance reports and distribute them to oversight teams for electronic sign-offs and escalation to get the right reports to the right people at the right time.
Support heterogeneous environments
IBM Guardium Data Protection for Databases supports enterprise databases or data warehouses running on major operating systems including IBM DB2, Oracle, Teradata, Sybase, Microsoft SQL Server, running on Windows, UNIX, Linux, AS/400, and z/OS. It also supports key enterprise resource planning and customer relationship management applications as well as custom and packaged applications.
Readily adapt to changes in your data environment
Create an agile and adaptive data protection environment that adjusts as new users, platforms and types of data are added. Scale to any size data protection effort with a flexible and tiered approach including seamless load balancing and self-monitoring. Streamline administration and deployment of data security and compliance with a business-centric user experience and automated tasks.
Leverage the rest of the IBM Security Guardium solution
IBM Guardium Data Protection for Databases can be combined with IBM Guardium Data Protection for Big Data, and IBM Guardium Data Protection for Files, IBM Guardium Data Encryption, IBM Guardium Vulnerability Assessment, IBM Multi-Cloud Data Protection, IBM Guardium Multi-Cloud Data Encryption and more, to flexibly safeguard sensitive data across the business environment.