Protect sensitive data – wherever it resides. IBM® Security Guardium® Data Activity Monitor prevents unauthorized data access, alerts on changes or leaks to help ensure data integrity, automates compliance controls and protects against internal and external threats. Continuous monitoring and real time security policies protect data across the enterprise, without changes or performance impact to data sources or applications. Guardium Data Activity Monitor protects data wherever it resides, and centralizes risk controls and analytics with a scalable architecture that provides 100% visibility on data activity. It supports the broadest set of data source types, and it is the market leader for big data security solutions.

IBM Security Guardium helps to:

  • Uncover risks to sensitive data
  • Monitor and audit all data activity—for all data platforms and protocols
  • Enforce security policies in real time—for all data access, change control and user activities
  • Create a centralized normalized repository of audit data—for enterprise compliance, reporting and forensics
  • Support heterogeneous data environments—all leading databases, data warehouses, files applications and operating systems, including big data environments (Hadoop and NoSQL)
  • Readily adapt to changes in your data environment

Uncover risks to sensitive data

  • Automate sensitive data discovery and classification for risk analysis across enterprise data sources
  • Determine entitlements to sensitive enterprise data to determine risks such as dormant data or dormant entitlements
  • Use analytic tools like Quick Search or Connection Profiling to do forensics in real time or after the fact

Monitor and audit all data activity

  • Understand and develop complete visibility into all transactions for all platforms and protocols by users including database administrators, developers, outsourced personnel and applications
  • Identify application users who make unauthorized changes from common service accounts
  • Provide user and application access monitoring independent of native database logging and audit functions
  • Improve data security leveraging analytics to detect unusual data access patterns

Enforce security policies in real time

  • Monitor and enforce security policies for sensitive data access, privileged user actions, change control, application user activities and security exceptions
  • Use outlier detection analytics to identify anomalous behavior by automatically comparing data activity to a normal behavior baseline
  • Support exception policies based on definable thresholds such as SQL errors
  • Use extrusion policies to examine data leaving the database for specific value patterns such as credit card numbers
  • Support policy-based actions such as near real time security alerts, traffic blocking, and user quarantines

Create a centralized repository of audit data

  • Aggregate and normalize audit data throughout your enterprise for compliance reporting, correlation and forensics without requiring native database audit functions
  • Provide a tamper-proof data access audit trail that supports the separation of duties required by auditors
  • Deliver customizable compliance workflow automation to generate compliance reports and distribute them to oversight teams for electronic sign-offs and escalation

Support heterogeneous environments

  • Monitor and audit key Big Data environments (Hadoop or NoSQL) such as IBM InfoSphere BigInsights™, Cloudera, Hortonworks, Pivotal, MongoDB and Cassandra
  • Support enterprise databases or datawarehouses running on major operating systems including IBM DB2®, Oracle, Teradata, Sybase, Microsoft SQL Server, running on Windows, UNIX, Linux, AS/400, and z/OS
  • Support key enterprise resource planning and customer relationship management applications as well as custom and packaged applications
  • Provide capabilities to track file-sharing activities on major platforms including Microsoft SharePoint

Readily adapt to changes in your data environment

  • Create an agile and adaptive data protection environment that adjusts as new users, platforms and types of data are added
  • Scale to any size data protection effort with a flexible and tiered approach including seamless load balancing and self monitoring
  • Streamline administration and deployment of data security and compliance with a business centric user experience and automated tasks