How IBM Guardium Data Protection for Files works

Monitor and audit all data activity

View all transactions on your file system, attached and removable storage by users, developers, outsourced personnel and applications. Identify users who attempt unauthorized access. Provide access monitoring independent of native operating system logging and audit functions. Improve data security by detecting unusual file activity. Inventory all files and metadata to provide a clear picture of your unstructured data landscape. Automate sensitive data discovery and classification.

Enforce security policies for file access and change control

Monitor and enforce security policies for sensitive unstructured data access, privileged user actions and change control. Use access policies to identify anomalous behavior such as mass copy and deletion of files and directories, detect spikes in file access activity by user, and receive alerts when monitored files are accessed improperly. Support policy-based actions such as auditing, real-time security alerts, and read and write blocking.

Accelerate compliance workflows and audit activities

Create a centralized repository that aggregates data throughout your enterprise for compliance auditing and reporting, correlation and forensics without enabling native operating system audit functions. Provide a tamper-proof audit trail that supports the separation of duties required by auditors. Deliver customizable compliance workflow automation to generate compliance reports and distribute them to oversight teams for electronic sign-offs and escalation to get the reports to the right people.

Safeguard sensitive data across heterogeneous environments

Monitor and audit activity on file systems, attached storage, and removable devices—across all leading platforms, file shares and operating systems. Support enterprise operating systems including SharePoint, NAS, Windows, UNIX and Linux. Discover and classify sensitive enterprise data for all platforms and most file types. Monitor and prevent unauthorized access for all file types.

Discover and classify data in files and file systems

Discovers files containing sensitive data, and then uses customizable classification labels and entitlement management capabilities to create and enforce security policies. The solution: locates files; extracts metadata (name, path, date last modified, etc.), stores details in a central repository, and examines file content to help identify credit card numbers, personal identifiers, source code, and more. Users can also add their own custom criteria. Supports NAS, SharePoint, Windows, Unix.

How customers use it

  • Screen shot of Guardium navigation overview

    Address unstructured data security challenges


    Data growth is accelerating, and unstructured data is growing the fastest. You need to manage dynamic, distributed, and in demand unstructured data while minimizing exposures in an intelligent, efficient, and cost effective way.


    IBM Security Guardium Data Protection for Files provides a holistic data security platform for unstructured data in NAS, Sharepoint, Windows and Unix.

  • Screen shot of suspected SQL injection cases identified by Guardium

    Analyze data and gain visibility


    Because data is constantly changing, moving, and being accessed by new users, it can be difficult to understand what data you have, how it is being used, and if either of these things put you at risk from a security or compliance perspective.


    Guardium automatically discovers critical data and uncovers risk, providing visibility into all transactions and protocols across platforms and users.

  • Screen shot of dashboard in Guardium

    Protect critical data


    Insider threat and external attacks pose dangers to data; but traditional approaches can’t enforce separation of duties, recognize suspicious activity in real time, or help you act. Compliance mandates and potential audits increase complexity.


    Guardium enables complete protection for sensitive data via real-time capabilities including monitoring, alerting, blocking and quarantining, along with compliance automation to streamline operations and reduce risk of audit failure.

  • Screen shot of compliance monitoring in Guardium

    Adapt to changing environments and requirements


    Constantly expanding environments, new platforms, evolving compliance requirements and dynamic users make data protection a complex challenge.


    Guardium seamlessly handles changes within your IT environment, enabling you to secure new data sources, expand your deployment, or add new users. This flexible, tiered approach allows you to reduce costs while protecting your most critical assets.

Technical details