IBM Guardium Multi-Cloud Data Protection
Safeguard critical data where it resides with Cloud-based capabilities
Feature spotlights
Automated discovery and classification
Automatically discover sensitive data from across your entire heterogeneous environment so that you can classify it and begin protecting it.
Automated analytics
Automatically analyze risks to sensitive data, from uncovering risky or suspicious user access patterns to uncovering malicious stored procedures or SQL injections, so that you can take action and safeguard sensitive data.
Vulnerability assessment
Scan data environments (databases, data warehouses, big data platforms) to detect vulnerabilities and suggest remedial actions. Identify exposures such as missing patches, weak passwords, unauthorized access and changes, misconfigured privileges, and other vulnerabilities, see full reports, and understand progress over time. Vulnerability assessment supports Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Database as a Service (DBaaS) environments.
Data activity monitoring
Continuous real-time monitoring, combined with cognitive analytics and proprietary algorythms, help discover unusual activity related to sensitive data, prevent unauthorized data access, provide alerts on suspicious activities, and protect against internal and external threats. Data is monitored and protected across the enterprise - from databases to big data platfroms and cloud environments.
File activity monitoring
Continuous real-time monitoring, combined with cognitive analytics and proprietary algorythms, help discover unusual activity related to sensitive data, prevent unauthorized data access, provide alerts on suspicious activities, and protect against internal and external threats. Data is monitored and protected across files and file systems.
Blocking, masking, redaction, alerting and quarantining
Protect sensitive data at rest and in motion in the manner that best meets the needs of your security policies. Apply static or dynamic data masking or redaction. Dynamically block user access to data, or quarantine suspicious user IDs. Send real time alerts to the security team for immediate follow-up on risky or unusual user behavior or access patterns.
Encryption and key management
Protects sensitive data from misuse, whether that data is in an on-premises environment or in a single cloud, multiple clouds, or hybrid cloud environments. Encrypts file and volume data while maintaining access control, and leverage key management for enhanced protection and centralized control of access keys.
Automated compliance and audit support
Aggregate and normalize audit data throughout the enterprise for compliance reporting, correlation, and forensics without requiring native database audit functions. Have audit-friendly data access audit trail supporting separation of duties, and benefit from customizable compliance workflow automation to generate and distribute reports for sign-off and escalation. Pre-packaged, regulation-specific 'accelerators' (such as the GDPR Accelerator) are also included.
Cloud-ready images for major cloud venders
Leverage fully tested and supported images for most major cloud venders. IBM can easily share these images to speed up deployment, so users may start protecting cloud data managed in Infrastructure as a Service (IaaS) environments.