Archive for the Category ◊ InfoSphere Guardium ◊

IBM InfoSphere Guardium Newsletter: April 2013
Wednesday, May 01st, 2013 | Author:
IBM April 2013




In this Issue:

  • IBM X-Force 2012 Annual Trend & Risk Report
  • IBM PureSystems Turning One and Tackling Big Data, ITBusinessEdge Server Watch
  • Big Data Storage Buying Guide, Enterprise Storage Forum.com
  • Hardening a Teradata Database: Best Practices for Access Rights Management
  • Live Webcast – Secure All Your ‘Data at Rest’ with IBM Key Lifecycle Management
  • Live Webcast – IBM X-Force 2012 Trend Report: Cyber vs. Insider Data Breaches
  • InfoSphere Guardium Tech Talk – Implementing Database Activity Monitoring for DB2 for z/OS
  • Live Webcast – Best Practices for Securing and Protecting MongoDB Data, 10Gen
  • Tech Tip: Accelerate the Path to PCI-DSS Data Compliance Using InfoSphere Guardium
  • InfoSphere Guardium Training Courses
  • Proof of Technology and Technical Demonstrations
  • InfoSphere Guardium Bootcamp for Business Partners
  • Upcoming Events
  • IBM Blogs
  • Quick Links and Resources

IBM X-Force 2012 Annual Trend & Risk report has released! 

IBM X-Force monitors the latest threat trends including vulnerabilities, exploits and active attacks, viruses and other malware, spam, phishing, and malicious web content.
Looking back over the year, there was a measurable increase in the public announcements of security incidents and breaches, where SQL injection and DDoS attacks continued to wreak havoc on IT infrastructures.

Over the past year the discovery of sophisticated toolkits with ominous names like Flame to cross-platform zero-day vulnerabilities, had both consumers and corporations inundated with advisories and alerts regarding emerging threats. The frequency of data breaches and incidents—which had already hit a new high in 2011—continued their upward trajectory.

Read more
IBM PureSystems Turning One and Tackling Big Data 
ITBusinessEdge ServerWatch

“Over the past year, the IBM PureSystems family of expert integrated systems has continued to expand to meet the evolving needs of clients and partners around the world,” Jason McGee, IBM Fellow and IBM CTO for IBM PureApplication System, told ServerWatch.

McGee noted that the PureSystems family of server systems has been particularly well suited to help those organizations that are trying to transform their businesses and take advantage of opportunities being afforded by cloud, mobile and Big Data, but are challenged by a lack of IT skills and resources.

“PureData for Hadoop is also architected for high availability and features best in class security for Hadoop with advancements in both BigInsights and integration with Guardium software.”

Read more.

Big Data Storage Buying Guide
Don’t Forget Security
Enterprise Storage Forum.com

Enterprise Storage Forum has prepared a series of buying guides covering all aspects of storage. This one takes a somewhat different tack, providing advice from analysts on how storage managers should be addressing big data.

An integral part of strategy is how to secure that growing stash of unstructured data.  …the open source distribution of Hadoop does not include many security capabilities, though commercial distributions such as Shadoop can often add features such as access control, audit logging and authentication. In addition, IBM InfoSphere Guardium has introduced tools for securing big data environment. Disk encryption is another recommended action.

Read more. 

Hardening A Teradata Database: Best practices for access rights management (PDF, 1.8MB)

This joint IBM – Teradata white paper provides an overview and identifies best practices for access rights management for the Teradata Database not only to protect your data, but also to improve overall performance for authorization checking. And, introduces IBM InfoSphere® Guardium Vulnerability Assessment as an aid to help organizations automate the detection of vulnerabilities and to provide guidance on recovering from failures of Vulnerability Assessment tests.

Live Webcast: Secure All Your “Data at Rest” with IBM Key Lifecycle Management

Date: Wednesday, May 8, 2013
Time: 11:00AM ET
Speaker: Gordon Arnold

Targeted attacks on critical data continue to escalate and regulatory compliance to protect data has become increasingly more demanding. Encryption has been viewed as one of the most reliable ways to protect data and comply with regulations but it was also considered complex to implement. Today encryption has become the most critical component in an organization’s arsenal to meet compliance objectives, while at the same time it has become much easier to implement and manage successfully. The problem is knowing when and where to use encryption, how it can simplify the task of proving compliance and what controls need to be in place to ensure it delivers on its promise. This overview will help provide a look into the options for encryption and practical advice on how to deploy options like encrypted storage with key management will be a focus for this talk.

Register now


Live Webcast: IBM X-Force 2012 Annual Trend Report: Data Breach Issues and Solutions

Date: Thursday, May 9, 2013
Time: 2:00 PM ET / 11:00 AM PT
Speakers: Robert Freeman, IBM X-Force Advanced Research and Kimberly Madia, Product Marketing for InfoSphere Guardium

Join Robert Freeman of IBM X-Force® Advanced Research as he presents an in-depth analysis of 2012 public vulnerability disclosures and discusses important lessons learned.
In this session, you will learn:

  • Types of threats and the varying levels of sophistication
  • Most damaging exploit kits and the java connection
  • Web content trends, vulnerabilities and statistics
  • Operational security practices

Gain insight into emerging trends in security and how to address new threats presented by mobile devices, cloud computing, social media and more. And, why IBM’s holistic approach to data security can deliver a much lower total cost of ownership with best-in-class data security and compliance solutions

Register here.

InfoSphere Guardium Tech Talk: Implementing Database Activity Monitoring with DB2 for z/OS

Date: Thursday, May 16, 2013 
Time: 11:30 AM ET / 8:30 AM PT

Hosted by: Kathryn Zeidenstein (IBM)

IBM Presenters: Roy Panting and Ernest Mancill

Learn how to manage multiple IBM InfoSphere Guardium appliances in heterogeneous environments and understand the tools available for system self-monitoring and system tuning. Members of our L3 support organization will cover best practices in maintaining, upgrading and expanding your InfoSphere Guardium environment.

For more information about this tech talk, contact Kathy Zeidenstein at krzeide@us.ibm.com or visit the Tech Talk page on the Guardium community wiki. http://ibm.co/Wh9x0o

Register here.

 

Live Webcast: Best Practices for Securing and Protecting MongoDB Data
Hosted by 10Gen

Date: Wednesday, May 29, 2013
Time: 2:00 PM ET/1:00 PM CT/11:00 AM PT
Duration: 60 minutes
IBM Presenters: 
Kathryn Zeidenstein, InfoSphere Guardium Evangelist and Sundari Voruganti, QA Lead

The value of the fast growing class of NoSQL databases is the ability to handle high velocity and volumes of data while enabling greater agility with dynamic schemas.  MongoDB gives you those benefits while also providing a rich querying capability and a document model for developer productivity. Many organizations are just getting started with MongoDB, and now is the time to build security into the environment to save time, prevent breaches and avoid compliance violations. This session describes several tips to get started ensuring security of MongoDB data, including real-time activity monitoring capability developed by IBM and validated by 10gen, the MongoDB Company. We will cover protection of data in motion and data at rest to build a defense in depth approach.

In this session you will learn:

  • How to evaluate the data security and privacy landscape and determine risk factors
  • New capabilities in MongoDB for authentication and management of data access
  • New capabilities in IBM InfoSphere Guardium data security and protection solutions to help  organizations monitor access to sensitive collections, log details of privileged user activity, detect risky query practices, and much more.

Register here 

Tech Tip: Accelerate the Path to PCI-DSS Data Compliance Using InfoSphere Guardium

Use prebuilt reports, policies, and groups to simplify configuration 

This article gives you a step-by-step overview of using the Payment Card Industry (PCI) Data Security Standard (DSS) accelerator that is included with the standard InfoSphere® Guardium® data security and protection solution. The PCI-DSS is a set of technical and operational requirements designed to protect cardholder data and applies to all organizations who store, process, use, or transmit cardholder data. Failure to comply can mean loss of privileges, stiff fines, and, in the case of a data breach, severe loss of consumer confidence in your brand or services. The InfoSphere Guardium accelerator helps guide you through the process of complying with parts of the standard using predefined policies, reports, group definitions, and more.

In this article, you will learn:

  • How to install the accelerator and configure a PCI role that will see the GUI enhancements specifically for the PCI accelerator.
  • The layout of the accelerator and the reports that are included to demonstrate compliance. You will learn how to add members to groups that will enable those reports to return the correct information. The article also briefly discusses security policies and rules.
  • How to use audit processes to automate compliance workflow for reviews and sign-offs.

Read more.

On-Demand Webcasts: 

If you missed our recent live broadcast, download these replays to catch up on hot topics, accelerate learning and view demonstrations of IBM data security and privacy solutions.
2013 InfoSphere Guardium Training Courses

Guardium’s training courses help you achieve results quickly and easily. For more information about training, to sign up for a training course, or to schedule a training session, go to:

  • GU201: IBM InfoSphere Guardium Technical Training - This three-day course offers a balanced mix of lectures, hands-on lab work, case studies, and testing. Students will learn how to create reports, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. Students will also learn about system administration, archiving, purging, and back-ups.
  • 2U201: IBM InfoSphere Guardium 8 Technical Training – New Self-Paced Course - In this self-paced course, students will learn how to implement and support Guardium solutions within their environment. The course will highlight report creation, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. See how system administration, archiving, purging, and backups are completed.

Register today!

Proof of Technology and Technical Demonstrations
To attend one of the Proof of Technology sessions – Email an IBM Representative. Include in your email the location you are interested in attending one.

InfoSphere Guardium Bootcamp for Business Partners

This technical workshop is for IBM business partners who are currently working with or are interested in working with IBM InfoSphere Guardium. It provides training on InfoSphereGuardium in a classroom setting. Detailed presentations and hands-on labs on Guardium 8 are included where attendees will gain in-depth knowledge on topics including:

  • InfoSphere Guardium product overview
  • Guardium installation concepts, planning, and configuration
  • Auditing database servers with the Guardium system
  • Monitoring for unusual traffic
  • S-GATE and S-TAP Terminate Functions
  • Vulnerability Assessments
  • Enhanced Enforcement Actions
  • And much more…

Learn how IBM InfoSphere Guardium can add value to your security and data management solutions and extend your market opportunity. Business partners working in the consulting industry who are currently working with or plan to work with InfoSphere Guardium are also welcome to attend.

Schedule and registration information

Please Note: We will send an email confirmation to all registrants 1-2 weeks before the bootcamp begins.

Date Country City Registration Information
May 20 – 24, 2013 Korea Seoul Register here
May 27 – 31, 2013 Russia Moscow Register here
June 4 – 7, 2013 Ukraine Kiev Register here

Fore more information, go to IBM InfoSphere Guardium Bootcamp
Upcoming Events
Please visit us at the following upcoming events:

Big Data, Integration, & Governance Forum
Toronto, Canada – May 9, 2013
Pittsburgh, PA – May 16, 2013
St. Louis, MO – June 11, 2013
Paris, France – June 11, 2013

Join us at an IBM Big Data, Integration and Governance Forum to hear from industry experts on how to turn your ever-growing supply of data into an enterprise source of knowledge. The forum—which addresses both strategies and technologies—will identify the pains associated with the overabundance of information and spur thinking around building an information strategy for smarter analytics.

Register today for the IBM Big Data, Integration and Governance Forum near you. 

ISSA CISO Executive Forum
Dallas, TX – May 9 – 10, 2013

X-Force Evolving Threats 2013 
Milwaukee, WI – May 14, 2013
Atlanta, GA – May 21, 2013
Dallas, TX – May 21, 2013
Southfield/Detroit, MI – May 22, 2013
San Francisco, CA – May 23, 2013
Washington, DC – May 23, 2013

Blogs 

The Big Data Hub Blog

Institute for Advanced Security Blog
Quick Links
Monitor Data Activity in Real Time 
Identify unauthorized or suspicious activities by continuously monitoring access to databases, data warehouses, Hadoop systems and file share platforms in real time.

Audit and Validate Compliance
Simplify SOX, PCI-DSS, and Data Privacy processes with pre-configured reports and automated oversight workflows (electronic sign-offs, escalations, etc.) to satisfy mandates.

Secure and Protect Big Data Environments 
Build security into big data environments to prevent breaches, ensure data integrity and satisfy compliance.

Protect Data Privacy and Support Compliance 
Develop a holistic approach to data protection to ensure compliance and reduce costs.

Assess Vulnerabilities 
Scan the entire data infrastructure for vulnerabilities and receive an ongoing evaluation of your data security posture, using both real-time and historical data.

Safeguard both Structured and Unstructured Data 
Ensure structured and unstructured data is identified, transformed and audited.

Produce Better Business Outcomes with Information Goverance
Ensure Enhance information integrity, availability and quality

InfoSphere Data Security and Privacy Offerings:
InfoSphere Discovery
InfoSphere Guardium Data Encryption
InfoSphere Guardium Activity Monitor
InfoSphere Guardium Vulnerability Assessment
InfoSphere Optim Data Privacy
Social media links
Follow Guardium on www.twitter.com/IBM_Guardium

Follow @IBMSecurity for the latest updates

View the Guardium channel on YouTube
Category: InfoSphere Guardium  | Leave a Comment
IBM InfoSphere Guardium eNewsletter: March 2013
Tuesday, April 02nd, 2013 | Author:
March 2013

In this Issue:

  • IBM Recognized as Big Data Market Share Leader, Wikibon
  • More Than Half of Banks Hit by DDos Attacks Last Year, Bank Systems & Technology
  • Retail Security in the Age of Big Data, SC Magazine UK 
  • Pulse 2013 – Big IP-ASM and IBM InfoSphere Guardium
  • More Improvements to SIEM than Big Data, Dark Reading
  • ISSA Webcast – IBM X-Force 2012 Trend Report: Cyber vs. Insider Data Breaches
  • InfoSphere Guardium Tech Talk – Take Control of Your InfoSphere Guardium Appliance
  • New Automated System for Submitting Product Enhancement Requests
  • Tech Tip: Use Data-Level Security for Granular Access Control of Auditing Results
  • InfoSphere Guardium Training Courses
  • Proof of Technology and Technical Demonstrations
  • InfoSphere Guardium Bootcamp for Business Partners
  • Upcoming Events
  • IBM Blogs
  • Video: The Role Big Data Plays in Solving Complex Security Challenges
  • Podcast: How to Build Big Data Security into Big Data Environments
  • Quick Links and Resources

IBM Recognized as Big Data Market Share Leader
Big Data Vendor Revenue and Market Forecast 2012-2017
Wikibon 

Further validation of IBM’s leadership in the big data market comes from Wikibon, the Web’s first and largest technology research and advisory organization.  In their recentBig Data Vendor Revenue and Market Forecast 2012-2017, IBM is the undisputed market share leader, topping 60 other vendors evaluated.

In the report, Wikibon states: “Market-leader IBM offers by far the largest product and services portfolio by both breadth and depth. The company also supports its Big Data practice with a well-crafted, high-level marketing campaign focused around its Smarter Planet initiative that often includes illustrations of real-world Big Data deployments.”

Wikibon projects the Big Data market to top $18 billion in 2013, a growth rate of 61%. Looking beyond 2013, Wikibon forecasts the total Big Data market to approach $50 billion by 2017, which translates to a 31% compound annual growth rate over the five-year period 2012-2017.

Read more.

More Than Half of Banks Hit by DDoS Attacks Last Year, Study Finds 
Bank Systems & Technology 

In a recent survey conducted by the Ponemon Institute, more than half of the banking IT professionals in the study said their bank had experienced at least one DDoS in the previous 12 months. U.S. banks became very familiar with Distributed Denial of Service (DDoS) attacks after a number of them were hit by such attacks last year. But a new study by the Ponemon Institute, an independent research firm focused on information security, sheds some new light on just how widespread the attacks were. The Ponemon Institute surveyed 650 banking IT professionals for the study from institutions ranging from community banks to national ones, with more than 64% of them working with institutions with at least 1,000 employees.

Read more.

Retail Security in the Age of Big Data
SC Magazine UK

Retailers are discovering that the more of this ‘big data’ they can collect and analyse, the better they can serve their customers and optimise their own operations. Vast amounts of customer data (from demographics, to product-purchase histories, to online conversations) can now be analysed to predict customer needs and orchestrate partners and suppliers in greater responsiveness to changes in buying behavior.

With data being the new world currency and the cost of maintaining and protecting it running exponentially higher than the cost of capturing it in the first place, the security of data is assuming a new importance among retailers.

Retailers are responsible for protecting not only their own information, but the information of their customers as well. They are also faced with a diverse array of threats that are creating new potential vulnerabilities, such as theft of customer information and credit card data.

Read more.

Pulse 2013 – BIG-IP ASM & IBM InfoSphere Guardium
Peter Silva
F5 DevCenter 

Learn about the integration between BIG-IP ASM and IBM’s InfoSphere Guardium offering real time data security along with contextual meta data associated with the SQL data. Each enhances the other to provide both defense-in-depth protection and contextual security information. Powerful stuff.

Read more.

More Improvements To SIEM Than Big Data
DarkReading 

For big companies looking to spend big budgets, the Big Data pitch for security information and event management (SIEM) systems is a good fit. But other improvements are on the way 

With large enterprises seeking to gain situational awareness into what is happening on hundreds, if not thousands of network devices, using the business analytics model of Big Data makes sense.

“More and more customers are asking what they can add to the platform and what can be added to the platform,” says Michael Applebaum, program director at IBM Security Systems. “You can draw more insight with who is doing what with what systems and in what situations.

Read more. 

ISSA Webcast: IBM X-Force 2012 Trend Report: Cyber vs. Insider Data Breaches
Sponsored by IBM

Date: Tuesday, April 23, 2013
Time: 12:00 to 2:00 p.m. ET
Presenter: Robert Freeman, Manager X-Force Research

Attackers and unscrupulous users constantly adapt their techniques to evade new security measures, easily bypassing traditional perimeter defenses. Join Robert Freeman, Manager, IBM X-Force® Advanced Research as he presents the results of the “IBM X-Force 2012 Trend and Risk Report,” an in-depth analysis of public vulnerability disclosures findings.
In this webcast, you will learn why data attacks continue to be pervasive and why we are seeing more than ever how systems interconnectedness, poor policy enforcement, and human error, is far more influential than any singles security vulnerability. A holistic approach to data security approach is essential for the protection of the entire ecosystem.

Register here.

InfoSphere Guardium Tech Talk: Take Control of Your InfoSphere Guardium Appliance

Date: Thursday, April 11, 2013
Time: 11:30 AM – 12:30 PM (Eastern Time)
Hosted by: Kathryn Zeidenstein (IBM)
Presented by: Daniel Perlov, L2 Support Manager (IBM), Abdiel Santos, L3 Support Engineer (IBM)

Learn how to manage multiple IBM InfoSphere Guardium appliances in heterogeneous environments and understand the tools available for system self-monitoring and system tuning. Members of our L3 support organization will cover best practices in maintaining, upgrading and expanding your InfoSphere Guardium environment.

This session will be recorded and will be available via audiocast, so you can dial in or listen through your computer speakers.

For more information about this tech talk, contact Kathy Zeidenstein at krzeide@us.ibm.com or visit the Tech Talk page on the Guardium community wiki. http://ibm.co/Wh9x0o
Slides will be available for download on the wiki page by the day of the talk.

Register here.

New Automated System for Submitting Product Enhancement Requests

You can now use the IBM RFE system on developerWorks to submit product enhancement requests for InfoSphere Guardium. This is the preferred way to submit enhancement requests moving forward. The direct link is here: https://www.ibm.com/developerworks/rfe

You can find step by step instructions in the InfoSphere Guardium community wiki here:http://bit.ly/guardrfe

Tech Tip: Use data-level security for granular access control of auditing results in InfoSphere Guardium

Ensure separation of duties based on the originating data source

Tansel Zenginler, Data Governance Solutions Architect, IBM
Kathryn Zeidenstein, InfoSphere Guardium Evangelist, IBM

IBM® InfoSphere® Guardium® offers enterprise-wide data activity monitoring for data protection and auditing. Two critical elements to consider for a successful enterprise implementation of InfoSphere Guardium for enterprise-wide data protection and audit include support for separation of duties, and enterprise deployment capabilities that eliminate redundant configurations and streamline enterprise deployments to match your organizational structures. By using Guardium data-level security mechanisms, administrators can assign responsibilities for particular databases or systems to individuals (or groups) which aligns with their hierarchical organizational structure. This article describes the benefits of data-level security as well as step-by-step instructions for implementing the solution for a sample scenario.

Read more.

On-Demand Webcasts: 
If you missed our recent live broadcast, download these replays to catch up on hot topics, accelerate learning and view demonstrations of IBM data security and privacy solutions.
2013 InfoSphere Guardium Training Courses

Guardium’s training courses help you achieve results quickly and easily. For more information about training, to sign up for a training course, or to schedule a training session, go to:

  • GU201: IBM InfoSphere Guardium Technical Training - This three-day course offers a balanced mix of lectures, hands-on lab work, case studies, and testing. Students will learn how to create reports, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. Students will also learn about system administration, archiving, purging, and back-ups.
  • 2U201: IBM InfoSphere Guardium 8 Technical Training – New Self-Paced Course - In this self-paced course, students will learn how to implement and support Guardium solutions within their environment. The course will highlight report creation, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. See how system administration, archiving, purging, and backups are completed.

Register today!

Proof of Technology and Technical Demonstrations
To attend one of the Proof of Technology sessions – Email an IBM Representative. Include in your email the location you are interested in attending one.

InfoSphere Guardium Bootcamp for Business Partners

This technical workshop is for IBM business partners who are currently working with or are interested in working with IBM InfoSphere Guardium. It provides training on InfoSphereGuardium in a classroom setting. Detailed presentations and hands-on labs on Guardium 8 are included where attendees will gain in-depth knowledge on topics including:

  • InfoSphere Guardium product overview
  • Guardium installation concepts, planning, and configuration
  • Auditing database servers with the Guardium system
  • Monitoring for unusual traffic
  • S-GATE and S-TAP Terminate Functions
  • Vulnerability Assessments
  • Enhanced Enforcement Actions
  • And much more…

Learn how IBM InfoSphere Guardium can add value to your security and data management solutions and extend your market opportunity. Business partners working in the consulting industry who are currently working with or plan to work with InfoSphere Guardium are also welcome to attend.

Schedule and registration information

Please Note: We will send an email confirmation to all registrants 1-2 weeks before the bootcamp begins.

Date Country City Registration Information
Apr 2 – 5, 2013 United Kingdom Hursley Register here
Apr 2 – 5, 2013 Thailand Bangkok Register here
Apr 9 – 12, 2013 Singapore Singapore Register here
Apr 9 – 12, 2013 Malaysia Kuala Lumpur Register here
Apr 16 – 19, 2013 Vietnam Hanoi Register here

Fore more information, go to IBM InfoSphere Guardium Bootcamp
Upcoming Events
Please visit us at the following upcoming events:

Big Data, Integration, & Governance Forum
Chengdu, China – April 2, 2013
Columbus, OH – April 9, 2013
Tokyo, Japan – April 11, 2013
Berlin, Germany – April 15, 2013
Atlanta, GA – April 16, 2013
Charlotte, NC – April 18, 2013
London, UK – April 26, 2013

Join us at an IBM Big Data, Integration and Governance Forum to hear from industry experts on how to turn your ever-growing supply of data into an enterprise source of knowledge. The forum—which addresses both strategies and technologies—will identify the pains associated with the overabundance of information and spur thinking around building an information strategy for smarter analytics.

Register today for the IBM Big Data, Integration and Governance Forum near you. 

COLLABORATE 2013
Denver, CO – April 7-11, 2013; Colorado Convention Center
IBM Booth 1109
Drive a new era of performance with flexible solutions.
IBM will be back and better than ever at Collaborate 2013!  Collaborate is the annual gathering of three of Oracle’s biggest and most influential user groups - OAUGQuest and IOUG.
Below is a sample listing of 8 of 30 sessions that IBM will be leading.

Session ID Session Title
13118 Big Data, Integration and Governance: Ask the Experts
871 Big Data Analytics, ‘R’ You Ready?
109020 Anatomy of a JD Edwards Archiving Project
Keynote Are you ready for the New Era of Computing and Big Data?
109010 Best Practices for Securing and Privatizing your PeopleSoft Data
103360 Why Mask Big Data?
998 Business Driven Data Security and Privacy Policies Across the Enterprise
100130 Managing Big Data: Anatomy of a Big Data Archiving Project

 

Blogs

IBM Pulse Blog

The Big Data Hub Blog

Institute for Advanced Security Blog

Video and Podcast

The Role Big Data Plays in Solving Complex Security Challenges

How to Build Data Security into Big Data Environments
Quick Links
Monitor Data Activity in Real Time 
Identify unauthorized or suspicious activities by continuously monitoring access to databases, data warehouses, Hadoop systems and file share platforms in real time.

Audit and Validate Compliance
Simplify SOX, PCI-DSS, and Data Privacy processes with pre-configured reports and automated oversight workflows (electronic sign-offs, escalations, etc.) to satisfy mandates.

Secure and Protect Big Data Environments 
Build security into big data environments to prevent breaches, ensure data integrity and satisfy compliance.

Protect Data Privacy and Support Compliance 
Develop a holistic approach to data protection to ensure compliance and reduce costs.

Assess Vulnerabilities 
Scan the entire data infrastructure for vulnerabilities and receive an ongoing evaluation of your data security posture, using both real-time and historical data.

Safeguard both Structured and Unstructured Data 
Ensure structured and unstructured data is identified, transformed and audited.

Deliver Security to Cloud and Virtual Environments 
Providing comprehensive data protection for cloud, virtual and physical infrastructures.

Produce Better Business Outcomes with Information Goverance
Ensure Enhance information integrity, availability and quality

InfoSphere Data Security and Privacy Offerings:
InfoSphere Discovery
InfoSphere Guardium Data Encryption
InfoSphere Guardium Activity Monitor
InfoSphere Guardium Vulnerability Assessment
InfoSphere Optim Data Privacy
Social media links
Follow Guardium   View us on YouTube
Category: InfoSphere Guardium  | Leave a Comment
Next Tech Talk on April 11: Take Control of your Guardium Appliance
Tuesday, March 26th, 2013 | Author:

Next Tech Talk on April 11: Take Control of your Guardium Appliance

Join us at 830 AM (PDT) /11:30 AM (EDT) on April 11th.
Learn how to manage multiple IBM InfoSphere Guardium appliances in heterogeneous environments and understand the recent additions of tools available for system self monitoring and system tuning. Members of our support organization will cover best practices in maintaining, upgrading and expanding your InfoSphere Guardium environment .

Slides will be available on the tech talk wiki page by the day of the talk. http://ibm.co/Wh9x0o

Category: InfoSphere Guardium  | Leave a Comment
IBM InfoSphere Guardium eNewsletter: January 2013
Thursday, January 31st, 2013 | Author:
IBM January 2013

January Banner


In this Issue:

  • InfoSphere Optim Leadership for Data Masking Recognized by Gartner
  • Predictions for A Secure Planet, IBM Institute for Advanced Security
  • Finance: DDOS Flash Back and Flash Forward – Most Organizations Are Unprepared, IBM Institute for Advanced Security
  • Safe and Sound Insights, IBM Systems Magazine
  • Cyber Security on the Offense: A Study of IT Security Experts, Ponemon Institute
  • Webcast: InfoSphere Guardium Tech Talk: Guardium 101
  • On-Demand Webcast: InfoSphere Guardium V9.0 – Delivering Big Data Protection for System z and Beyond
  • InfoSphere Guardium Training Courses
  • Proof of Technology and Technical Demonstrations
  • InfoSphere Guardium Bootcamp for Business Partners
  • Upcoming Events – New Guardium Tech Talk Series
  • IBM Blogs
  • Quick Links and Resources
  • Newsletter Subscription

InfoSphere Optim Leadership for Data Masking Recognized by Gartner

Gartner has placed IBM in the leaders quadrant in the first ever Magic Quadrant for Data Masking Technology, from analysts Joseph Feiman and Carsten Casper (December 2012).  Data masking aims to prevent the abuse of sensitive data (such as credit card numbers), personally identifiable information (such as Social Security numbers), medical diagnoses and non-personal sensitive data (such as corporate financial information and intellectual property.)

The Magic Quadrant for Data Masking Technology calls out InfoSphere Optim as having the strongest reputation, largest global installed client base, broadest portfolio, and unparalleled mainframe expertise.

InfoSphere Optim Data Privacy is well positioned to lead in the explosive market of data masking. Data masking should be mandatory for enterprises using copies of sensitive production data for application development, analytics or training. The market is expanding into production and unstructured data protection. It is populated with specialized and diversified vendors, and is in growing demand. InfoSphere Optim is positioned as a leader.

Magic Quadrant Highlights for InfoSphere Optim Data Privacy

  • Strong reputation and the largest installed client base. InfoSphere Optim the most frequently referenced vendor by Gartner clients, especially large ones.
  • Ability to operate globally.
  • IBM provides complimentary technologies including data security technologies (such as data redaction and database activity monitoring), test data management, data archiving, application retirement, e-discovery, data management, and application development and testing technologies. IBM also provides the leading application security technologies — such as static application security testing (SAST), dynamic application security testing (DAST) and interactive application security testing (IAST.)
  • IBM mainframe and iSeries legacy expertise
  • Evolving network of partners (including large consultancies)

Download the report.

Read the whitepaper – Closing the Data Privacy Gap.

Predictions for a Secure Planet 
IBM Institute for Advanced Security

This past year was one of the busiest for enterprise security. We spoke to clients around the world and our own security team about what to expect in 2013 and beyond.  Here are some of the insights we’re seeing:

1. In early 2014, Cloud security will go from “mystery and hype” to “secure and move-on”
2. By end of year 2014, mobile devices will be more secure than laptops are today
3. Compliance will remain a surprisingly robust security driver through 2015, driven by country-level cyber efforts maturing
4. The type of data collected and inspected to detect advanced threats will balloon in variety and volume by 2016

Read more.

Video: Security Predictions for 2013

Finance: DDOS Flash Back and Flash Forward – Most Organizations Are Unprepared
IBM Institute for Advanced Security

DDOS is still a viable weapon for nation-states, hacktivists, fraudsters, and gangsters.  The cyber world is full of anonymous arsonists, and too many firms are still without adequate fire protection.  The old fire hoses are not enough to quell the wall of flames.  Traditional firewalls and intrusion-prevention systems are not enough when it comes to volumetric surges on the order of 10 Gbps.  Attacks are not only increasing in volume but are utilizing a hybrid construct as well.

Read more. 

Safe and Sound Insights
IBM Systems Magazine

The exponential growth of structured and unstructured data offers organizations both opportunities for increased revenue and exposure to security and compliance risks.  Read how the System z ecosystem protects vital enterprise information assets.

Read more.

Cyber Security on the Offense: A Study of IT Security Experts
Ponemon Institute Research

A recent study conducted by the Ponemon Institute and sponsored by Radware, surveyed 705 IT security professionals related to downtime and DDoS (denial of service). As cyber-attacks grow in sophistication and stealth, organizations are urged to be proactive in addressing the threats. As revealed in this research, a major consequence of not preventing attacks such as DDoS can be
costly. On average DDoS attacks are costing companies approximately $3.5 million annually, according to the findings of this research.

Read more.

InfoSphere Guardium Tech Talk: Guardium 101

Date:    Feb 21, 2013
Time:    11:30 AM – 12:30 PM (Eastern Time)
Hosted by:    Kathryn Zeidenstein (IBM)
Presented by:    Kathryn Zeidenstein (IBM), Joe DiPietro (IBM)

Whether you’re new to Guardium data security and compliance or need a refresher, this session goes over the basics. Joe DiPietro, longtime Guardium Center of Excellence lead will co-present with Kathy Zeidenstein, Guardium Evangelist and relative newcomer. We’ll cover the following topics and leave time for you to ask your questions as well.

  • What is Guardium – is it a product, a platform, a series of products?
  • The bits and pieces (architectural overview and how data flows through the system)
  • Deployment topologies
  • Whirlwind tour of the UI
  • Tour of the command line interface and APIs (for the techies among you)
  • Roles and responsibilities
  • Where do you find more information?

For more information about this tech talk, contact Kathy Zeidenstein at krzeide@us.ibm.com or visit the Tech Talk page on the Guardium community wiki. http://ibm.co/Wh9x0o

On-Demand Webcast: InfoSphere Guardium V9.0 – Big Data Protection for System z and Beyond

Today’s big data initiatives and technologies capture and share information from a myriad of sources, more than ever before, and they are augmented with business analytics and decisions engines to exploit this data for better business decision-making. Simultaneously, organizations need to lower risks and control costs. With more organizations moving their analytics closer to where transactional data is stored, many rely on the IBM® System z® platform for its scalability and its unmatched security. Nonetheless, it remains a target for hackers, criminals and unauthorized insiders to gain access to highly sensitive personal, financial and business data.

Download this webcast and learn how the latest version of IBM InfoSphere® Guardium® 9.0 helps proactively protect more of your data than ever to help further reduce business risks and the cost of compliance. You gain peace of mind through:

  • Preventative and proactive data security controls
  • Real-time data threat detection and monitoring alerts
  • Support for transactional and big data information
  • Extensive integration capabilities
  • Automated workflows, predefined compliance reports and policies

View the Webcast. 

Download the InfoSphere Guardium z/OS data sheet.

On-Demand Webcasts: 
If you missed our recent live broadcast, download these replays to catch up on hot topics, accelerate learning and view demonstrations of IBM data security and privacy solutions.
2012 InfoSphere Guardium Training Courses
Guardium’s training courses help you achieve results quickly and easily. For more information about training, to sign up for a training course, or to schedule a training session, go to:
GU201: IBM InfoSphere Guardium Technical Training 
This three day course offers a balanced mix of lectures, hands-on lab work, case studies, and testing. Students will learn how to create reports, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. Students will also learn about system administration, archiving, purging, and back-ups.

2U201: IBM InfoSphere Guardium 8 Technical Training – New Self-Paced Course  
In this self-paced course, students will learn how to implement and support Guardium solutions within their environment. The course will highlight report creation, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. See how system administration, archiving, purging, and backups are completed.

Register today!

Proof of Technology and Technical Demonstrations
To attend one of the Proof of Technology sessions listed below, Email an IBM Representative.  Include in your email the session name, date and location you are interested in attending.

InfoSphere Guardium Bootcamp for Business Partners 

This technical workshop is for IBM business partners who are currently working with or are interested in working with IBM InfoSphere Guardium. It provides training on InfoSphere Guardium in a classroom setting. Detailed presentations and hands-on labs on Guardium 8 are included where attendees will gain in-depth knowledge on topics including:

  • InfoSphere Guardium product overview
  • Guardium installation concepts, planning, and configuration
  • Auditing database servers with the Guardium system
  • Monitoring for unusual traffic
  • S-GATE and S-TAP Terminate Functions
  • Vulnerability Assessments
  • Enhanced Enforcement Actions
  • And much more

Learn how IBM InfoSphere Guardium can add value to your security and data management solutions and extend your market opportunity. Business partners working in the consulting industry who are currently working with or plan to work with InfoSphere Guardium are also welcome to attend.

Schedule and registration information

Please Note: We will send an email confirmation to all registrants 1-2 weeks before the bootcamp begins.

Date Country City Registration Information
Feb 19 – 22, 2013 Serbia Belgrade Register here
Jan 19 – 22, 2013 Turkey Ankara Register here
Mar 4 – 7, 2013 Australia Sydney Register here
Mar 12 – 15, 2013 China Guangzhou Register here

Fore more information, go to IBM InfoSphere Guardium Bootcamp
Upcoming Events
Please visit us at the following upcoming events:

Big Data, Integration and Governance Forum
New York, NY – Feb 12, 2013
Seattle, WA – Feb 19, 2013
Los Angeles, CA – Feb 21, 2013
Washington D.C. – March 5, 2013
Overland Park, Kansas– March 19, 2013
Dallas, TX – March 21, 2013

TDWI World Conference
Las Vegas, NV – Feb 17 – 22, 2013 

ISSA CISO Executive Forum
San Francisco, CA – Feb 23-24, 2013

RSA
San Francisco, CA – Feb 25 – March 1, 2013

Pulse 2013
Las Vegas – March 3 – 6, 2013; MGM Grand
With four days of top-notch education, Pulse 2013 will help you react with agility in changing competitive landscapes, reduce vulnerability throughout the service lifecycle, and continuously improve the business impact of the technology. Pulse 2013 will address a multitude of audiences and industries with sessions that demonstrate how to apply the tools and best practices to help your organization achieve business without limits including a dedicated track for managing rapid growth in data, security threats and compliance requirements.

CIO Forum and Executive IT Summit
Seattle, WA – March 12-13, 2013
Boston, MA – March 26-27, 2013

Blogs

Data Privacy Top Concern
Big Data the 2012 Word of the Year
How to Build Security into Big Data Environments
Test Data Privacy – Why Should You Care?
Masking & More: Dynamic Data Transformation
Infographic inside: Why you still need to protect the world’s most secure platforms
Category: InfoSphere Guardium  | Leave a Comment
IBM InfoSphere Guardium eNewsletter: December 2012
Thursday, December 20th, 2012 | Author:
IBM December 2012

InfoSphere Guardium eNewsletter


In this Issue:

  • SC Magazine Awards 2013 Finalists Are Announced
  • 10 Top Government Breaches of 2012, Dark Reading
  • 4 Long-Term Hacks That Rocked 2012, Dark Reading
  • Most Healthcare Organizations Suffered Data Breaches, Dark Reading
  • InfoSphere Guardium for Big Data Transactions and Hadoop-Based Systems
  • Technical Tips: Use the InfoSphere Guardium Universal Feed Series to Create a Customized Data Activity Monitoring Solution, IBM DeveloperWorks
  • On-Demand Webcast: Why Big Data Doesn’t Have to Mean Big Security Challenges, featuring Forrester Analyst John Kindervag 
  • InfoSphere Guardium Training Courses
  • Proof of Technology and Technical Demonstrations
  • InfoSphere Guardium Bootcamp for Business Partners
  • Upcoming Events — New Guardium Tech Talk Series
  • IBM Blogs
  • Quick Links and Resources
  • Newsletter Subscription

SC Magazine Awards 2013 Finalists Are Announced
SC Magazine

IBM Corporation / IBM Software Group has been named SC Magazine’s Awards finalist in 8 categories:

  • Best Database Security Solution
  • Best Policy Management Solution
  • Best Cloud Computing Solution
  • Best Intrusion Detection / Prevention Product
  • Best Managed Security Service
  • Best Web Application Firewall
  • Best Identity Management Application
  • Best Security Information / Event Management Product

As part of the IT security industry’s leading global awards program, SC Awards U.S. was organized to honor the professionals, companies and products that help fend off the myriad security threats confronted in today’s corporate world. The winners will be announced at the 2013 SC Awards U.S. to be held on Feb. 26, 2013 in San Francisco.

Read article.

10 Top Government Data Breaches of 2012
Dark Reading, Ericka Chickowski

SQL injection, post-phishing privilege escalation, and poorly secured back-up information all played their part in exposing sensitive government data stores this year.
This article lists the top 10 breaches impacting government-run agencies and organizations and lessons learned such as Database protection layers, such as database activity monitoring, not to mention other network detection measures could have gone a long way toward minimizing the damage caused by the type of phishing attack that all organizations, public and private, face today.

Read article.

4 Long-Term Hacks That Rocked 2012
Dark Reading, Ericka Chickowski

News of lengthy hacker incursions into enterprise databases and networks has been plentiful over the last year — here’s a highlight reel

So far, 2012 has been the year for skeletons falling out of the IT security closet. The headlines have been hopping with stories of companies whose networks and databases were thoroughly owned by hackers for months and years at a time, often undetected until government agents came to let them know they’d been compromised and had been for a while. Many organizations go to great lengths to keep news of these kinds of breaches under wraps if no regulated PII is stolen, but this year many haven’t kept the light of day from shining on their deep, dark security inadequacies. Dark Reading took a look at some of the most impactful long-term compromises brought to light in the past year and what these events mean to security pros.

Read article.

Most Healthcare Organizations Suffered Data Breaches
Dark Reading, Kelly Jackson Higgins

Data breach problems contagious among U.S. healthcare organizations, new reports show

Two separate reports released today show the critical condition of U.S. healthcare organizations and hospitals when it comes to data breaches, with 94 percent of healthcare organizations hit by at least one data breach and close to half suffering more than five breaches in the past two years.
The estimated cost to the healthcare industry of these breaches is now at an average of $7 billion per year, a 15 percent increase over the past three years, according to the Third Annual Benchmark Study on Patient Privacy & Data Security study by The Ponemon Institute.

Read article.

InfoSphere Guardium for Big Data Transactions and Hadoop-Based Systems

Solution Overview: Managing the entire data security and compliance lifecycle for enterprise systems.
IBM InfoSphere Guardium addresses all aspects of real-time data security and the compliance life cycle. Learn more about our just released version 9 which introduces support for big data Hadoop-based systems.

e-Book: Top tips for securing big data environments
Read this eBook to learn some of the top tips for securing business in a big data environment using InfoSphere Guardium.

Podcast: Learn how to secure big data environments
Learn about unique data security challenges for big data and ways to ensure the integrity of information.

Podcast: What’s new in InfoSphere Guardium v9
Learn how InfoSphere Guardium V9 expands database security to monitor and audit big data transactions.

Podcast:_How to Apply InfoSphere Guardium to the Big Data World
Ron Ben Natan discusses how to apply IBM InfoSphere Guardium to the world of big data, specifically to Hadoop environments. Guardium extends platform coverage to big data with automated compliance reporting and database activity monitoring to protect structured and unstructured sensitive data.

White Paper: Understanding holistic database security: 8 steps to successfully securing enterprise data sources
This paper discusses the eight essential best practices that provide a holistic approach to safeguarding data sources and achieving compliance with key regulations, such as SOX, PCI DSS, GLBA and data protection laws.

Article: Big data security and auditing with IBM InfoSphere Guardium
Monitor and audit access for IBM InfoSphere BigInsights and Cloudera Hadoop. In this article, you will learn how InfoSphere® Guardium® provides database activity monitoring and auditing capabilities that enable you to seamlessly integrate Hadoop data protection into your existing enterprise data security strategy. You will learn how to configure the system and to use InfoSphere Guardium security policies and reports tailored specifically for Hadoop environments. You will also learn about a quick start monitoring implementation available only with IBM InfoSphere BigInsights.

Technical Tips: Use the InfoSphere Guardium Universal Feed Series to Create a Customized Data Activity Monitoring Solution
IBM developerWorks

New databases and new applications are continually being created and adopted to meet specific organizational needs. The requirement for data protection and auditing capabilities is required by mandate and is more critical than ever. The InfoSphere® Guardium® data protection solution is extensible to enable the integration of a wide variety of new databases and sources into its platform, thereby providing a consistent enterprise-wide monitoring solution.

Read the latest articles in the series.

On-Demand Webcast: Why Big Data Doesn’t Have to Mean Big Security Challenges, featuring Forrester Analyst, John Kindervag

As big data environments ingest more data, organizations will face significant risks and threats to the repositories containing this data. Failure to balance data security and quality reduces confidence in decision making. Hear our guest John Kindervag, Forrester Research. Inc.  principal analyst, discuss several requirements security and risk professionals must do to work to create awareness and understanding of the associated responsibilities and risks at the highest levels of the organization.

Joe DiPietro, the IBM InfoSphere Data Governance Center of Excellence Leader will discuss
how your organization can eliminate costly and high risk manual and silo approaches to data security and compliance by unifying and automating regulatory compliance tasks, thereby reducing operational costs while dramatically reducing security risks. With IBM’s InfoSphere Guardium v9 data security and privacy solutions, learn how IBM is helping organization protect their sensitive data in real-time against internal and external threats by continuously monitoring access to heterogeneous databases including data warehouses, Big Data environments and file shares. It enables organizations to create a single, enterprise-wide view of data security and compliance across the entire data infrastructure.

View the Webcast.

Download a copy of the Forrester Research report: “Control and Protect Sensitive Information in the Era of Big Data”.

Download the report.
2012 InfoSphere Guardium Training Courses
Guardium’s training courses help you achieve results quickly and easily. For more information about training, to sign up for a training course, or to schedule a training session, go to:
GU201: IBM InfoSphere Guardium Technical Training
This three day course offers a balanced mix of lectures, hands-on lab work, case studies, and testing. Students will learn how to create reports, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. Students will also learn about system administration, archiving, purging, and back-ups.

2U201: IBM InfoSphere Guardium 8 Technical Training – New Self-Paced Course 
In this self-paced course, students will learn how to implement and support Guardium solutions within their environment. The course will highlight report creation, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. See how system administration, archiving, purging, and backups are completed.

Register today!

Proof of Technology and Technical Demonstrations
To attend one of the Proof of Technology sessions listed below, Email an IBM Representative.  Include in your email the session name, date and location you are interested in attending.

InfoSphere Guardium Bootcamp for Business Partners

This technical workshop is for IBM business partners who are currently working with or are interested in working with IBM InfoSphere Guardium. It provides training on InfoSphere Guardium in a classroom setting. Detailed presentations and hands-on labs on Guardium 8 are included where attendees will gain in-depth knowledge on topics including:

  • InfoSphere Guardium product overview
  • Guardium installation concepts, planning, and configuration
  • Auditing database servers with the Guardium system
  • Monitoring for unusual traffic
  • S-GATE and S-TAP Terminate Functions
  • Vulnerability Assessments
  • Enhanced Enforcement Actions
  • And much more

Learn how IBM InfoSphere Guardium can add value to your security and data management solutions and extend your market opportunity. Business partners working in the consulting industry who are currently working with or plan to work with InfoSphere Guardium are also welcome to attend.

Schedule and registration information

Please Note: We will send an email confirmation to all registrants 1-2 weeks before the bootcamp begins.

Date Country City Registration Information
Jan 21 – 25, 2013 China Shanghai Register here

Fore more information, go to IBM InfoSphere Guardium Bootc
Upcoming Events — New Guardium Tech Talk Series
Please visit us at the following upcoming events:

Announcing new Guardium Tech Talks!

Do you want the opportunity to interact with product experts from the labs? Join us for a series of low key, informal tech talks about Guardium data activity monitoring. Speakers will include product management, support representatives, engineering, QA, and services. These talks will include both deeply technical talks for more experienced users as well as “101” sessions to provide the opportunity for those new to Guardium DAM to get up to speed and have an environment where their questions can be answered.  The sessions will be recorded.

If you have additional questions, or have ideas for tech talks you’d like to see, send an email to krzeide@us.ibm.com.

Guardium V9 Technical Overview (What have you done for me lately?)  

Date: January 24, 2013
Time: 1pm ET/10am PT

Speaker: Nir Carmel, InfoSphere Guardium product line manager
If you haven’t already begun thinking about your upgrade to V9, 2013 is the year to do it. In this session, Nir will describe new and enhanced features in Guardium V9.0 including:

  • Database support, including or new sources such as Hadoop, DB2 for i, VSAM record level monitoring, and Universal Feed
  • Enhancements for enterprise deployments such as new load balancing capabilities
  • Improved monitoring insights with new application ID translation support
  • Support for standards such as SCAP and XACML to support integration
  • Enhanced Vulnerability Assessments
  • Audit process and classification enhancements
  • New appliance hardware and simplified packaging

Register now.

Pulse 2013
Las Vegas – March 3 – 6, 2013; MGM Grand
With four days of top-notch education, Pulse 2013 will help you react with agility in changing competitive landscapes, reduce vulnerability throughout the service lifecycle, and continuously improve the business impact of the technology. Pulse 2013 will address a multitude of audiences and industries with sessions that demonstrate how to apply the tools and best practices to help your organization achieve business without limits including a dedicated track for managing rapid growth in data, security threats and compliance requirements.

Blogs

Securing Big Data and Big Shoppers
Quick Links and Resources
Monitor Data Activity in Real Time
Identify unauthorized or suspicious activities by continuously monitoring access to databases, data warehouses, Hadoop systems and file share platforms in real-time.

Audit and Validate Compliance
Simplify SOX, PCI-DSS, and Data Privacy processes with pre-configured reports and automated oversight workflows (electronic sign-offs, escalations, etc.) to satisfy mandates.

Secure and Protect Big Data Environments
Build security into big data environments to prevent breaches, ensure data integrity and satisfy compliance.

Protect Data Privacy
Develop a holistic approach to data protection to ensure compliance and reduce costs.

Assess Vulnerabilities
Scan the entire data infrastructure for vulnerabilities and receive an ongoing evaluation of your data security posture, using both real-time and historical data.

Safeguard both Structured and Unstructured Data
Ensure structured and unstructured data is identified, transformed and audited.

Deliver Security to Cloud and Virtual Environments
Providing comprehensive data protection for cloud, virtual and physical infrastructures.

InfoSphere Data Security and Privacy Offerings:
InfoSphere Discovery
InfoSphere Guardium Data Encryption
InfoSphere Guardium Activity Monitor
InfoSphere Guardium Vulnerability Assessment
InfoSphere Optim Data Privacy
Category: InfoSphere Guardium  | Leave a Comment
Webcast: Why big data doesn’t have to mean big security challenges
Friday, November 30th, 2012 | Author:
IBM 11/29/2012
Why Big Data Doesn’t Have to Mean Big Security Challenges
Register Now
Date: Wednesday, December 12, 2012 
Time: 11:00 AM PT / 2:00 PM ET

As big data environments ingest more data, organizations will face significant risks and threats to the repositories containing this data. Failure to balance data security and quality reduces confidence in decision making. Hear our guest John Kindervag, Forrester Research. Inc.  principal analyst, discuss several requirements security and risk professionals must do to work to create awareness and understanding of the associated responsibilities and risks at the highest levels of the organization.

Joe DiPietro, the IBM InfoSphere Data Governance Center of Excellence Leader will discuss how your organization can eliminate costly and high risk manual and silo approaches to data security and compliance by unifying and automating regulatory compliance tasks, thereby reducing operational costs while dramatically reducing security risks. With IBM’s InfoSphere Guardium v9 data security and privacy solutions, learn how IBM is helping organizations protect their sensitive data in real-time against internal and external threats by continuously monitoring access to heterogeneous databases including data warehouses, Big Data environments and file shares. It enables organizations to create a single, enterprise-wide view of data security and compliance across the entire data infrastructure.

All attendees will receive a complimentary copy of Forrester Research report: “Control and Protect Sensitive Information in the Era of Big Data.”

Reserve Your Seat Today

 Featured Speakers

John Kindervag,
Principal Analyst serving Security & Risk PROFESSIONALS, Forrester Research
Joseph DiPietro,
Data Governance Center of Excellence Leader and Director of Systems Engineering, IBM InfoSphere Guardium

 
Category: InfoSphere Guardium  | Leave a Comment
Benefits of InfoSphere Guardium for System Z in the healthcare industry
Friday, November 30th, 2012 | Author:

Mark Simmonds, a senior product marketing manager, talks with Butch Stearns of The Pulse Network TV about InfoSphere® Guardium® on System z® for the healthcare industry. In the inverview, Mark explains how InfoSphere Guardium works, its benefits and advantages, and how it’s viewed in the marketplace. He also examines the very serious costs associated when security breaches occur.

 

READ MORE …

Category: InfoSphere Guardium  | Leave a Comment
10 Critical Database Activities You Should Be Monitoring
Monday, November 05th, 2012 | Author:
October 2012
Download now: “Database activities you should be monitoring,” a Gartner Analyst report 
 

As relational database management systems (RDBMSs) grow in size, scope and complexity, the supporting business initiatives such as data consolidation, BI, data warehousing, big data and information governance also increase. The risks associated with these business critical RDBMSs and the sensitive data they contain are becoming more difficult to solve.

For compliance and auditing purposes, senior-level security and risk professionals, as well as data and business process owners, need to know more than they currently do about their enterprises’ database activities including who is accessing sensitive data.

We invite you to read this complimentary Gartner Analyst report by Jeffrey Wheatman listing 10 critical database activities and behaviors — segmented by four user profiles — that enterprises should be auditing now.

Recommendations include:

  • Audit 10 critical database activities and behaviors
  • Conduct a database risk assessment, applying a balanced approach to risk management and mitigation
  • Focus on the biggest impact areas, such as privileged-user activities and access to business critical data
  • Balance the cost, impact and security benefits when evaluating and implementing monitoring tools

To learn more about IBM database security, privacy and compliance solutions at ibm.com/guardium.

Download now: “Database activities you should be monitoring,” a Gartner Analyst report

eNewsletter Subscription Management

Subscribe | Unsubscribe | | Feedback
Copyright © IBM InfoSphere Guardium 2012. All rights reserved. IBM, the IBM logo, ibm.com, InfoSphere and Guardium are trademarks of IBM. All other trademarks and service marks are the property of their respective owners.IBM InfoSphere Guardium
5 Technology Park Drive
Westford, MA 01886

Contact IBM
Category: InfoSphere Guardium  | Leave a Comment
IBM Guardium targets Hadoop security among slew of updates
Monday, October 22nd, 2012 | Author:

IBM has released what it says is its biggest security rollout to date, with ten new products, including what it claims is the world’s first ever Hadoop data security system.

The new InfoSphere Guardium v9 for Hadoop system was unveiled on Thursday along with a slew of other updated security products.

IBM said that it released the upgrade to help businesses protect their systems and data against the growing number of cyber threats that now exist.

“IT systems must now supply enormous amounts of data to users located around the globe, who access data from both cloud environments, enterprise and personal devices,” IBM world wide security solutions market leader, Darren Argyle told V3.

 

READ MORE …

Category: InfoSphere Guardium  | Leave a Comment
IBM claims first with Hadoop data security suite
Thursday, October 18th, 2012 | Author:

IBM is launching what it claims is the first data security system for Hadoop, as part of its biggest product rollout of security software and services yet seen from the company.

Big Blue’s not the highest profile security firm, but it has been buying in a lot of talent over the last three years and last year grouped staff and resources around a dedicated security unit. That team has now released a raft of new and updated products as part of a drive to make the company something for everything, from the datacenter to the mobile.

The Hadoop system, dubbed InfoSphere Guardium v9 for Hadoop, stems from technology bought out by Big Blue in 2009 from Guardium, and covers real time security and vulnerability monitoring. The software works with both structured and unstructured databases and includes an automatic compliance and data privacy reporting system.

 

READ MORE …

Category: InfoSphere Guardium  | Leave a Comment
« Previous Entries