IBM InfoSphere Guardium

History of emergence of a product

Since 2006 IBM performed 11 acquisitions for expansion of the portfolio of offers in the field of security. Less than in a year after acquisition of Guardium company, its technology, experience, knowledge and skills were quickly integrated into an extensive portfolio of offers of IBM on security, helping clients with protection of their crucial databases and applications.

Having the staff of consultants numbering more than 3500 people, hardware and the software covering all infrastructure of business, research resources and a global network of business partners IBM corporation as any other supplier, can provide to clients the expert knowledge, rich practical experience and the broadest spectrum of offers for the help in implementation of integrated solutions on enterprise-wide risk management.

In 2010 IBM opened in Washington, the District of Columbia, the IBM Institute for Advanced Security organization (Institute of advanced technologies of security). This initiative is designed to help clients, it is better for business partners and educational institutions to understand and solve cyber security problems which have an impact on their IT infrastructure and business systems. The institute provides to the public and private sector around the world the collective environment giving them the chance to use extensive knowledge, experience and resources of IBM in the field of security for effective and efficient protection of crucial business information which is exposed to cyberthreats, more and more malicious and expensive for business.

The service package of IBM Managed Security Services combines infrastructure, experience, knowledge and resources for implementation of continuous monitoring and technology management of security in circles of clients worldwide. Providing to clients uniform command center for control of all their infrastructure of security and also an opportunity to manage numerous products from different solution providers on ensuring data protection, IBM can help clients with reduction of complexity of security management and receiving the maximum return from the existing investments.

The created by IBM for the purpose of providing for clients around the world of the highest level of the round-the-clock IT protection and service, nine global centers of advanced technologies of security management are constantly completed with qualified specialists in the field of services in security management (Managed Security Services). For the clients implementing technologies of cloud computing, offers of a portfolio of IBM Cloud Security Services use possibilities of the IBM Virtual-Security Operations Center for providing the high-quality and cost-efficient services which are not requiring (or requiring minimum) investments into means of protecting or technical support.

The platform of security IBM Guardium is unrolled in more than 500 data processing centers worldwide, including: in 5 of 5 largest world banks; in 4 of 6 largest insurance companies; at 2 of 3 largest retail sellers; at 20 chief world telecommunication operators; in the lead government agencies; at 3 largest car makers; in 3 largest space companies; and at the leading software provider for the business analysis.

The software of IBM InfoSphere Guardium 8 will be available to acquisition in the middle of September, 2010. It is software it will be offered in the form of previously configured device or the virtual device for fast deployment and the simplified service.

2010: IBM InfoSphere Guardium 8

The IBM corporation announced on September 15, 2010 the new software which helps businesses to protect data on clients and other confidential information from security violations. The new software performs monitoring of use of structured data and applications at the enterprise, and immediately warns administrators about unusual activity.

IBM submits the software of InfoSphere Guardium 8 which gives to the companies the chance to simplify security management and observance of the relevant regulatory requirements of regulatory bodies using uniform tool kit for the automated centralized control of a broad spectrum of corporate databases and applications. Along with opportunities of the automated monitoring, the new product facilitates to clients observance of regulatory regulations through the improved organization and the strengthened control guaranteeing confidentiality and integrity of the audit procedures given at simultaneous simplification. These possibilities of InfoSphere Guardium 8 also help to cut down expenses on support of observance of regulatory requirements for all sources of crucial data at the enterprise.

Certification

Certification of FSTEC of Russia allows to use a product as the tool for creation of the systems of personal data protection according to requirements No. 152-FZ "About personal data". IBM InfoSphere Guardium technologies represent a hardware and software system of monitoring, audit and access control to information processed in modern DBMS of a corporate class. Certification tests confirmed that the IBM Guardium complex can be used for creation of automated systems to a class of security 1G inclusive and for data protection in information systems of personal data processing to the 2nd class inclusive.

In April, 2011 the Bell Integrator company completed certification of the hardware and software system IBM Guardium on compliance to specifications of FSTEC of Russia. Certification tests of a product by request of Bell Integrator company were carried out by Gazinformservice LLC laboratory.

The Bell Integrator company in 2008 became the first official partner of Guardium company and the supplier of the product of the same name in the territory of Russia and the CIS countries. Today the Bell Integrator company successfully implements more than 20 projects on the implementing solution IBM Guardium in large commercial structures of different sectors of business including in the four of the largest cellular operators acting in the territory of Russia and the CIS countries. Four largest companies of the domestic telecommunication market and their child divisions in the territory of Russia and the CIS countries will become the first owners of the certified product IBM Guardium.

Possibilities of InfoSphere Guardium

Protection against fraud for the systems of SAP — From data on clients and data on the personnel structure of the organization to data of a corporate ERP system, SAP application often contain confidential information which needs to be controlled for the purpose of audit and observance of requirements of regulatory bodies for use of responsible information. Now the companies can reveal cases of fraud, deception and counterfeits by end-to-end monitoring of the user activity in real time at the level of applications, including actions of administrators and the attracted non-staff personnel. InfoSphere Guardium provides more detailed information on users of applications of SAP, simplifying the companies identification of fraudulent activity without entering of any changes into corporate databases and applications.

Protection of files of SharePoint — to Repozitariya SharePoint often contain confidential information, such as financial results and valuable intellectual property of the organization (for example, design and technology features of a new product). As a rule, behind use of these responsible data there is no proper control necessary for prevention of abuses of the employees having the appropriate rights of access. Now the companies can conduct continuous monitoring in real time that facilitates identification of cases of unauthorized access to SharePoint repositories.

Support for the platform of the mainframe — the Companies often ignore such crucial aspect of security of databases as operational monitoring and control of activity of database managers and system administrators. IBM offers enhanced capabilities of monitoring of activity for the IBM DB2 databases executed on System z mainframes now, allowing the companies to protect the confidential information from unauthorized access from administrators. So, for example, if the database manager of insurance company tries to get access to social security numbers of clients, a system will immediately generate the warning message for personnel of security services and control of observance of regulatory regulations. The new version of InfoSphere Guardium 8 uses the developed IBM technology of the mainframe for collecting of data on all database transactions with the minimum impact on performance.

Besides, the companies can carry out now a series of the automated tests for assessment of weak points of security (for example, errors at purpose of access rights) which can lead to a compromise or data loss and mismatch to the set regulatory requirements. InfoSphere Guardium also gives opportunities of monitoring and assessment of vulnerabilities of security for platforms of databases from the third-party suppliers used on the mainframe (such as Oracle databases executed in operating environment of Linux on System z mainframes).

The improved processes of audit and support of observance of regulatory requirements — the Most important part of any audit control is capability to show that reports on observance of the set regulations and the notification on exclusive situations are regularly browsed by the special controlling services, and adequate actions are taken for each revealed case. Thanks to the new software product, the company will find additional flexibility in differentiation of workflows and sharing of specific auditor information only by the group of people at the enterprise which have relation to it. This opportunity, along with the report templates integrated into InfoSphere Guardium about observance of requirements of different regulations and standards (such as SOX, HIPAA and PCI), will help the companies to save time and money thanks to considerable acceleration of processes of collecting of necessary data on observance of regulatory regulations in the organization and preparation of the corresponding reports for auditors.

Enhanced capabilities of blocking and isolation — In cases of unauthorized or suspicious user activity, the company can selectively block certain users, having prohibited them access to a system for a certain time that will allow to avoid possible loss of the valuable data until this activity is attentively investigated regarding abuses. So, for example, if the employee of customer service within an hour is engaged in search in base of credit card numbers, it (or it) will be automatically disconnected from a system with access lock. The same way, if the database manager in medical institution tries to get access to confidential personal data of the patient with a special status, office access for this employee to the database will be immediately blocked, and without the need for carrying out any manual, labor-consuming or potentially leading to errors changes in crucial databases or applications.

Integration into the software of Tivoli — the important information on responsible databases and applications collected by the software of InfoSphere Guardium in the course of monitoring of a security system and control of observance of regulatory regulations can be combined Now with information on other systems and devices of the network security collected by the software of Tivoli Security Information and Event Management. This integration gives to the companies an exhaustive idea of key data which facilitates them management and control of enterprise-wide corporate information.

Thanks to new opportunities for the System z, SharePoint and SAP platforms in combination with the existing opportunities for protection of heterogeneous infrastructures of databases (including IBM DB2 and Informix, Oracle and the Microsoft SQL Server) and business applications (such as IBM Cognos and PeopleSoft), IBM provides the broadest support of security in the industry and control of observance of regulatory requirements for databases now.