IBM® Security® Guardium® Activity Monitor for Files prevents unauthorized data access, alerts on changes or leaks to help ensure data integrity, automates compliance controls and protects against internal and external threats. Continuous monitoring and real-time security policies protect unstructured data across the enterprise without changes to file systems or applications and without performance impact. It provides insight into your document and file contents and into usage patterns. IBM Security Guardium Activity Monitor for Files lets you discover, track, and control access to sensitive files on either local or networked file systems.

IBM Security Guardium Activity Monitor for Files can help you meet compliance obligations and reduce the risks of major data breaches:

  • Monitor and audit all file data activity – across your enterprise file systems
  • Enforce security policies in real time—for all file access, change control and user activities
  • Create a centralized repository of audit data—for enterprise compliance, reporting and forensics
  • Support heterogeneous environments—all leading platforms, file shares and operating systems

Monitor and audit all data activity

  • Understand and develop complete visibility into all transactions on your file system and on attached and removable storage by users, developers, outsourced personnel and applications
  • Identify users who attempt unauthorized access
  • Provide user and application access monitoring independent of native operating system logging and audit functions
  • Improve data security by detecting unusual file and document read and write activity
  • Inventory all files and metadata to provide a clear picture of your unstructured data landscape
  • Automate sensitive data discovery and classification

Enforce security policies in real time

  • Monitor and enforce security policies for sensitive unstructured data access, privileged user actions, and change control
  • Use access policies to identify anomalous behavior such as mass copy and deletion of files and directories, detect spikes in file access activity by user, and get alerted when monitored files are accessed improperly
  • Support policy-based actions such as auditing, near-real-time security alerts, and read and write blocking

Create a centralized repository of audit data

  • Aggregate data throughout your enterprise for compliance auditing and reporting, correlation and forensics without enabling native operating system audit functions
  • Provide a tamper-proof audit trail that supports the separation of duties required by auditors
  • Deliver customizable compliance workflow automation to generate compliance reports and distribute them to oversight teams for electronic sign-offs and escalation

Support heterogeneous environments

  • Monitor and audit activity on file systems, attached storage, and removable devices
  • Support enterprise operating systems including Microsoft Windows, UNIX, and Linux
  • Discover and classify sensitive enterprise data for all platforms and most file types
  • Monitor and prevent unauthorized access for all file types