Understand and develop complete visibility into all transactions for all platforms and protocols by users including database administrators, developers, outsourced personnel and applications. Identify application users who make unauthorized changes from common service accounts. Provide user and application access monitoring independent of native database logging and audit functions. Improve data security leveraging analytics to detect unusual data access patterns.
Enforce security policies in real time
Monitor and enforce security policies for sensitive data access, privileged user actions, change control, application user activities and security exceptions. Use outlier detection analytics to identify anomalous behavior by automatically comparing data activity to a normal behavior baseline. Support exception policies based on definable thresholds such as SQL errors. Use extrusion policies to examine data leaving the database for specific value patterns such as credit card numbers.
Accelerate compliance workflows and audit activities
Aggregate and normalize audit data throughout your enterprise for compliance reporting, correlation and forensics without requiring native database audit functions. Provide a tamper-proof data access audit trail that supports the separation of duties required by auditors. Deliver customizable compliance workflow automation to generate compliance reports and distribute them to oversight teams for electronic sign-offs and escalation to get the right reports to the right people at the right time.
Take action against threats with advanced analytics
Guardium Data Protection offers additional data protection measures in the form of risk and threat analytics. With Risk Spotter, you can identify risky users across your environment using an algorithm to analyze the risk indicators and score the riskiness of each user. Guardium’s Active Threat Analytics shows potential security breach cases, based on an outlier mining process and on identified attack symptoms. In this dashboard, you can view and investigate cases, and take actions on individual cases.
Support heterogeneous environments
Guardium Data Protection secures your data no matter where its stored. Data discovery and classification, vulnerability assessment and remediation, data activity monitoring, compliance accelerating templates and other capabilities are extensible across databases, big data, files, mainframe and database-as-a-service environments. Guardium Data Protection provides equal protection to data sources located on-premises or in the hybrid multicloud.
Readily adapt to changes in your data environment
Create an agile and adaptive data protection environment that adjusts as new users, platforms and types of data are added. Scale to any size data protection effort with a flexible and tiered approach including seamless load balancing and self-monitoring. Streamline administration and deployment of data security and compliance with a business-centric user experience and automated tasks.
Integrate with your organization's IT and security ecosystem
All deployment versions of Guardium Data Protection can be combined with IBM Security Guardium Insights for Cloud Pak for Security, IBM Security Guardium Data Encryption, IBM Security Guardium Vulnerability Assessment, IBM Cloud Pak for Data, as well as other tools in the enterprise's cybersecurity infrastructure in order to flexibly safeguard sensitive data across the modern business environment.