Archive for the Category ◊ InfoSphere Guardium ◊

IBM InfoSphere Guardium Newsletter: December 2013
Wednesday, December 04th, 2013 | Author:
IBM December 2013


In this Issue:

  • InfoSphere Guardium eNews Subscriber survey deadline Dec. 15.
  • New! IBM InfoSphere Data Privacy for Hadoop
  • A South American automotive financing company tightens data security
  • Lessons Learned From 4 Major Data Breaches In 2013, DarkReading
  • Live Webcast: Top Big Data Security Tips and Ultimate Protection for Enterprise Data, Dec. 10
  • DeveloperWorks InfoSphere Guardium Quick Reference Wiki Site
  • InfoSphere Guardium data security and protection for MongoDB, Part 1: Overview of the solution and data security recommendations
  • New eBook: Data Protection for Big Data Environments
  • Upcoming Events

InfoSphere Guardium eNewsletter Subscriber surveyYour opinion matters and we hope to capture your interest in a quick 5-question survey. Every month, this newsletter features the latest data security and privacy news, products announcements, technical tips and upcoming events.

If you haven’t done so already, please complete this year-end survey. All responses are anonymous and must be received by December 15, 2013.

Complete subscriber survey now
New! IBM InfoSphere Data Privacy for HadoopIBM® InfoSphere® Data Privacy for Hadoop® de-identifies and monitors sensitive data which resides within big data environments. The solution provides a complete set of Hadoop capabilities to mask or redact data, monitor and audit data activity and maintain common data definitions. InfoSphere Data Privacy for Hadoop protects data and supports compliance initiatives across all variety of Hadoop environments.

Read more
A South American automotive financing company tightens data security and automates audit reporting across mainframe and distributed environmentsTwo years ago, IT staff at this South American automotive financing company conducted a review of the bank’s IT security and governance programs. This effort was part of the bank’s ongoing work to protect client information. At the outset, a key focus area was database security. The bank had used an internally developed solution to control authorized access and secure information in application databases. However, this solution was decentralized and had to be updated to support timely audit reporting and compliance requirements.

Read more
Lessons Learned From 4 Major Data Breaches In 2013
DarkReading
In many respects the breach trends of 2013 have borne out some good news for the security industry. Unlike the past four- to five years, this one has not been awash with mega database breaches of tens of millions of records containing personally identifiable information (PII). This year, that tally so far equals about 10.6 million records compromised and 483 breaches reported.

Read more
Live Webcast: Top Big Data Security Tips and Ultimate Protection for Enterprise Data
Date: Dec. 10, 2013
Time: 1:00 PM (Eastern Time) / 10:00 AM (Pacific time)
Speakers: Mark Simmonds Sr. IBM IM Product Marketing Manager and Peter Mandel, IBM InfoSphere Guardium Product Line Manager

Organizations are leveraging increasing varieties and large volumes of information to gain deeper insight into their business. In today’s data intensive environment, data protection is a requirement to reduce business risk particularly as customers undertake big data initiatives. Join us for this webinar so you can discover how you can:

  • Ensure real time monitoring and reporting of security related events
  • Protect a wide range of data sources across many platforms and database vendors
  • Lower the cost of compliance with prebuilt policies, reports and automation
  • Discover sensitive data and categorize vulnerabilities
  • Monitor for suspicious behavior and can block activity

BONUS: All attendees will also receive a complimentary copy of the ebook: Top Tips for Securing Big Data Environments.Register now!

DeveloperWorks InfoSphere Guardium Quick Reference Wiki Site

InfoSphere Guardium data security and protection for MongoDB, Part 1: Overview of the solution and data security recommendationsThis article series describes how to monitor and protect MongoDB data using IBM InfoSphere Guardium. Part 1 describes an overview of the solution, the architecture, and the benefits of using InfoSphere Guardium with MongoDB. The value of the fast growing class of NoSQL databases such as MongoDB is the ability to handle high velocity and volumes of data while enabling greater agility with dynamic schemas. Many organizations are just getting started with MongoDB, and now is the time to build security into the environment to save time, prevent breaches, and avoid compliance violations. This article series describes configuration of the solution, sample monitoring use cases, and additional capabilities such as quick search of audit data and building a compliance workflow using an audit process.

Read more
New eBook: Data Protection for Big Data EnvironmentsWith 2.5 quintillion bytes of data created every day, organizations cannot wait to establish business-driven protection policies for keeping data safe. The rising volume of data and the growing number of analytics systems storing sensitive data exponentially increases the risk of breaches. IBM® InfoSphere® has evolved information integration and governance to help organizations create and enforce real-time data security and privacy policies to keep customer, business, personally identifiable information and other types of sensitive data safe.

Download now

Upcoming Events
IBM Pulse 2014
February 23-26, 2014
Las Vegas, NV
IBM Pulse 2014 is the ideal venue to explore the latest developments in cloud, security, asset management, and smarter infrastructure. Join us for visionary keynotes, leading edge education, and a solution expo featuring hundreds of products and services that can help you leverage cloud as a growth engine for a smarter enterprise. Find out more about how to best protect your data as well as security policies to support compliance and audit in the Application & Data Security Strategies and Best Practices track. This track will feature sessions on safeguarding data throughout its lifecycle and covering application security strategies for traditional and mobile applications.
Blogs and Video Postings

IBM Security Blog

View the Guardium channel on YouTube

Social media links
Follow Guardium on www.twitter.com/IBM_Guardium

Follow @IBMSecurity for the latest updates

View the Guardium channel on YouTube


Forward to a friend Renew your subscription: Your monthly source for news, advice and learning for continuous protection against database attacks and insider threats.
Quick Links

Monitor Data Activity in Real Time
Identify unauthorized or suspicious activities by continuously monitoring access to databases, data warehouses, Hadoop systems and file share platforms in real time.

Audit and Validate Compliance
Simplify SOX, PCI-DSS, and Data Privacy processes with pre-configured reports and automated oversight workflows (electronic sign-offs, escalations, etc.) to satisfy mandates.

Secure and Protect Big Data Environments
Build security into big data environments to prevent breaches, ensure data integrity and satisfy compliance.

Protect Data Privacy and Support Compliance
Develop a holistic approach to data protection to ensure compliance and reduce costs.

Assess Vulnerabilities
Scan the entire data infrastructure for vulnerabilities and receive an ongoing evaluation of your data security posture, using both real-time and historical data.

Safeguard both Structured and Unstructured Data
Ensure structured and unstructured data is identified, transformed and audited.

Deliver Security to Cloud and Virtual Environments
Providing comprehensive data protection for cloud, virtual and physical infrastructures.

Produce Better Business Outcomes with Information Governance
Ensure Enhanced information integrity, availability and quality.

InfoSphere Data Security and Privacy Offerings:

InfoSphere Discovery
InfoSphere Guardium Data Encryption
InfoSphere Guardium Activity Monitor
InfoSphere Guardium Vulnerability Assessment
InfoSphere Optim Data Privacy

IBM InfoSphere Guardium Newsletter: November 2013
Sunday, November 03rd, 2013 | Author:
IBM November 2013



In this Issue:

  • New! Comprehensive Multi-layer Data Protection with New IBM InfoSphere Guardium v9.1 , Guardium Data Encryption v2.0 and IBM Security Key Lifecycle Manager v2.5
  • Information On Demand 2013, Nov. 3-7, Las Vegas
  • Guardium Tech Talk: A Big Data security use case: A holistic approach to data protection, Nov. 14
  • Live Webcast: Top Big Data Security Tips and Ultimate Protection for Enterprise Data, Dec. 10
  • NEW!  IBM’s 2013 Chief Information Security Officer Assessment
  • Anatomy Of A SQL Injection Attack, a DarkReading report
  • Protecting Data in Physical and Virtual Infrastructures, IBM Data Magazine
  • On-Demand Webcasts
  • Upcoming Events

Comprehensive multi-layer data protection with New IBM Infosphere Guardium v9.1 , Guardium Data Encryption v2.0 and IBM Security Key Lifecycle Manager v2.5

  • Enterprises can now protect data  when it is in active use in an application, at a file level and when it is at rest in a database and even  at the storage device level. omprehensive multi-layer data protection with New IBM Infosphere Guardium v9.1 , Guardium Data Encryption v2.0 and IBM Security Key Lifecycle Manager v2.5
  • Enterprises can now protect data  when it is in active use in an application, at a file level and when it is at rest in a database and even  at the storage device level.
  • InfoSphere Guardium provides real-time data security and monitoring, fine-grained database auditing, automated compliance reporting, data-level access control, database vulnerability management, auto-discovery of sensitive data and static and dynamic masking on demand. The new InfoSphere Guardium v9.1 extends these capabilities to big data environments as wellInfoSphere Guardium Data Encryption complements Guardium Data Activity Monitoring capabilities with file-level encryption for critical data containers, policy-based access controls that decrypt information only for authorized processes and users and file-level data access logging and alerting.
  • IBM Security Key Lifecycle Manager empowers organizations to take an integrated approach to encryption key management for protecting active as well as archived data. It can manage encryption keys not only for IBM storage devices, but also for standards-based devices from other vendors—including Emulex, Brocade, Network Appliance and Thales. Plus, it provides quick time to value with an intuitive interface and lightweight architecture.

Read the white paper “Encrypting data with confidence, across the enterprise and beyond”.

New! InfoSphere Guardium v9.1 Expands Product Platform Support for Big Data, Improves Scalability & Helps to cut operating costs.

Announcement date: October 1, 2013
eGA date: October 25, 2013

IBM InfoSphere Guardium extends its market-leading data activity monitoring solutions to a growing landscape of new generation data repositories and platforms.

  • Hadoop, supporting Hadoop-based systems including IBM® BigInsights™, Hive, MapReduce, HBase and HDFS to help organizations meet compliance requirements and protect sensitive data in real time.
  • Greenplum -  helping organizations meet compliance requirements while exploiting new innovations in data processing and analytics.
  • MongoDB – addressing the fast growing class of NoSQL databases by delivering the first data monitoring and auditing solution for MongoDB to prevent data breaches and avoid compliance violations without sacrificing performance.
  • NoSQL -  helping speed the deployment of NoSQL by breaking down the inhibitors to meeting security and compliance requirements and reducing overall risk.
  • eBook: Data security strategies for next generation data warehouses – In this ebook, we’ll offer data security strategies to help protect data warehouses: Ensure data is secure Protect the data warehouse Address the data security and compliance life cycle Next generation activity monitoring and audit protection solutions.

Information On Demand 2013
November 3-7, 2013
Mandalay Bay, Las Vegas, NV

IOD 2013 brings together more than 13,000 business and technology leaders to experience four days of in-depth look at Information Management, Business Analytics and Enterprise Content Management.

InfoSphere® Guardium® solutions will be featured in the Data Security and Privacy track in the Information Management Forum where you will find a range of InfoSphere Guardium session and expert speakers:

  • Data Security and Privacy track  – More than 30 sessions covering topics for InfoSphere Guardium and InfoSphere Optim Privacy solutions — including data activity monitoring, vulnerability assessment, data encryption, data masking, data discovery, data redaction, governance, compliance, as well as data and audit protection for cloud, hadoop, Puredata & warehouse, big data and NoSQL environments.
  • Meet with Key Technical Executives – including Joe DiPietro, client technical manager, CoE leader and Nir Carmel, Guardium product line manager.
  • Featured Client Sessions – Renato Salatiel, Itau Unibanco will present in the session titled: Itau Unibanco Bank secures mission-critical banking applications to address SOX and PCI requirements.
  • Diversity of learning experiences – Build your agenda to include educational sessions, usability labs, expert exchanges and a visit to the EXPO booth 322.

Guardium Tech Talk: A Big Data security use case: A holistic approach to data protection

Date:    Nov. 14, 2013
Time:    11:30 AM – 12:30 PM (Eastern Time)

Speaker: Rodrigo Bisbal (IBM), InfoSphere Guardium Security Solutions Specialist

In this tech talk, one of InfoSphere Guardium’s most experienced security solution specialists will demonstrate a real use case for holistic protection using InfoSphere Guardium Hadoop Activity Monitoring and InfoSphere Guardium Data Encryption for data at rest. He will further demonstrate an integration between the Guardium Data Encryption audit logs and InfoSphere Guardium Activity Monitoring using Universal Feed so that file access auditing events can be alerted on and forwarded to an SIEM system such as IBM QRadar.

Register here.  

Visit the Tech Talk wiki page for links to all previous tech talk materials and replays.

Live Webcast: Top Big Data Security Tips and Ultimate Protection for Enterprise Data

Date:    Dec. 10, 2013
Time:    1:00 PM (Eastern Time)  / 10:00 AM (Pacific time)
Speakers: Mark Simmonds  Sr. IBM IM Product Marketing Manager and Peter Mandel, IBM InfoSphere Guardium Product Line Manager

Organizations are leveraging increasing varieties and large volumes of information to gain deeper insight into their business. In today’s data intensive environment, data protection is a requirement to reduce business risk particularly as customers undertake big data initiatives. Join us for this webinar so you can discover how you can:

  • Ensure real time monitoring and reporting of security related events
  • Protect a wide range of data sources across many platforms and database vendors
  • Lower the cost of compliance with prebuilt policies, reports and automation
  • Discover sensitive data and categorize vulnerabilities
  • Monitor for suspicious behavior and can block activity

Lower the cost and effort of compliance and take a proactive approach to protecting your many data sources.

BONUS: All attendees will also receive a complimentary copy of the ebook: Top Tips for Securing Big Data Environments.

Register now!

NEW!  IBM’s 2013 Chief Information Security Officer Assessment
The evolving role of today’s security leader

Stay ahead of threats by downloading IBM’s 2013 Chief Information Security Officer Assessment.

Learn how today’s security leaders are developing effective business relationships, investing in advanced security controls, and using metrics to develop strategy and build their organizations.

Visit our new web experience for CISOs at ibm.com/security/ciso

Anatomy Of A SQL Injection Attack
A DarkReading report

SQL injection is the attack method that just won’t go away. For 15 years it has been wreaking havoc on the enterprise. Does that mean SQL injection attacks are unstoppable? Hardly. Rather, it means we have a history of experience to draw – and learn – from. In this Dark Reading report, we examine the ways in which SQL injection attacks are perpetrated and what you can do to ensure that your organization does not fall prey.

Get the report

Protecting Data in Physical and Virtual Infrastructures
IBM Data Magazine
Protect information across the enterprise in physical, virtual and cloud, and big data infrastructures by understanding where sensitive data exists, safeguarding it in both structured and unstructured formats, protecting nonproduction environments, securing and continuously monitoring access to the data, and demonstrating compliance to pass audits.

Read more

On Demand Webcasts

If you missed our recent live broadcast, download these replays to catch up on hot topics, accelerate learning and view demonstrations of IBM data security and privacy solutions.

Upcoming Events
Information On Demand 2013
November 4-7, 2013

Mandalay Bay, Las Vegas, NV

X-Force Emerging Threats 2013 Road Show
Download now the IBM X-Force 2013 Mid-Year Trend and Risk Report

King of Prussia  X-Force Emerging Threats 2013 – King of Prussia    10/17/2013
Toronto             X-Force Emerging Threats 2013 – Toronto               10/22/2013
Chicago            X-Force Emerging Threats 2013 – Chicago               10/23/2013
Glendale           X-Force Emerging Threats 2013 – Denver                10/24/2013

Blogs and Video Postings

IBM Security Blog

View the Guardium channel on YouTube

Read the new blog on data protection by Kathy Zeidenstein:

What exactly does the rise of Hadoop and NoSQL systems mean for data protection and security

Social media links
Follow Guardium on www.twitter.com/IBM_Guardium

Follow @IBMSecurity for the latest updates

View the Guardium channel on YouTube


Forward to a friend Renew your subscription: Your monthly source for news, advice and learning for continuous protection against database attacks and insider threats.

 Quick Links

Monitor Data Activity in Real Time
Identify unauthorized or suspicious activities by continuously monitoring access to databases, data warehouses, Hadoop systems and file share platforms in real time.

Audit and Validate Compliance
Simplify SOX, PCI-DSS, and Data Privacy processes with pre-configured reports and automated oversight workflows (electronic sign-offs, escalations, etc.) to satisfy mandates.

Secure and Protect Big Data Environments
Build security into big data environments to prevent breaches, ensure data integrity and satisfy compliance.

Protect Data Privacy and Support Compliance
Develop a holistic approach to data protection to ensure compliance and reduce costs.

Assess Vulnerabilities
Scan the entire data infrastructure for vulnerabilities and receive an ongoing evaluation of your data security posture, using both real-time and historical data.

Safeguard both Structured and Unstructured Data
Ensure structured and unstructured data is identified, transformed and audited.

Deliver Security to Cloud and Virtual Environments
Providing comprehensive data protection for cloud, virtual and physical infrastructures.

Produce Better Business Outcomes with Information Governance
Ensure Enhanced information integrity, availability and quality.

InfoSphere Data Security and Privacy Offerings:

InfoSphere Discovery
InfoSphere Guardium Data Encryption
InfoSphere Guardium Activity Monitor
InfoSphere Guardium Vulnerability Assessment
InfoSphere Optim Data Privacy

Enhancement of IBM InfoSphere Guardium

News | CIOL Bureau

TOKYO, JAPAN: NEC Corp. has announced plans to enhance IBM InfoSphere Guardium (Guardium) scale-out architecture database software through the use of NEC’s “InfoFrame Elastic Relational Store” (IERS), which provides flexible scalability and high reliability for rapid data growth.

The latest IERS functions enable it to monitor unauthorized access, acquire and maintain audit trails, provide security at a level equivalent to that of Relational Database (RDB) products, and to offer audit support.

 

 

 

READ MORE …

IBM InfoSphere Guardium Newsletter: August 2013
Wednesday, August 28th, 2013 | Author:
IBM August 2013

InfoSphere Guardium eNewsletter



In this Issue:

  • Bolstering Big Data Protection for Confident Decisions, IBM Data Magazine
  • Live Webcast: Building Confidence in Big Data with Information Integration and Governance
  • SANS 2013 Critical Security Controls Survey
  • BlackHat 2013 Recap: Prioritizing Risks, Vulnerabilities is Key
  • Gartner Publishes 2013 Magic Quadrant for SIEM
  • eBook: Bridging the Data Security Gap
  • Making Sense of Encryption Technique Options
  • InfoSphere Guardium Tech Talk – Implementing a Data Protection and Compliance Solution for IBM i
  • InfoSphere Guardium Training Courses
  • Proof of Technology and Technical Demonstrations
  • InfoSphere Guardium Bootcamp for Business Partners
  • Upcoming Events
  • IBM Blogs
  • Quick Links and Resources

Bolstering Big Data Protection for Confident Decisions
IBM Data Magazine
There is no turning back. Having been thrust into the era of big data, many organizations are scrambling for enhanced ways to harness its power in real time. But as new big data opportunities emerge, ensuring the veracity and security of information becomes increasingly more challenging than ever before. Rising numbers of data sources exist each day, and a wide variety of data types are speeding into and out of the enterprise at unprecedented rates. In addition, data volumes are growing exponentially—2.5 quintillion bytes of data are created every day.

Read more


Live Webcast: Building Confidence in Big Data with Information Integration and Governance 

Date: Tuesday, September 17, 2013
Time: 11:00 AM PT / 2:00 PM ET

Join guest speaker, Michele Goetz, Forrester research analyst, as she reviews the latest research findings on Information Integration and Governance in the era of big data and David Corrigan, Director, Product Marketing, InfoSphere for IBM who will discuss how information governance will be making big data and analytics more successful with trusted and protected information.

In this session, you will learn:

  • Key new integration and governance requirements for big data environments
  • How to seamlessly accommodate diverse information landscapes and uses
  • How to secure and protect information, even if you don’t own it

Register here

SANS 2013 Critical Security Controls Survey
Over the years, many security standards and requirements frameworks have been developed in attempts to address risks to enterprise systems and the critical data in them. However, most of these efforts have essentially become exercises in reporting on compliance and have actually diverted security program resources from the constantly evolving attacks that must be addressed.

The SANS Institute conducted an online survey on attitudes toward the adoption of the Critical Security Controls (CSCs) during March and April 2013. The survey had a total of 699 respondents.

Findings from this survey include:

  • The majority of respondents (73%) is aware of the CSCs and has adopted or are planning to adopt them, while a further 15% are aware of the Controls, but have no plans to adopt them. Only 12% hadn’t heard of the Controls before the survey.
  • The respondents’ primary driver for Controls adoption is the desire to improve enterprise visibility and reduce security incidents.
  • Operational silos within the IT security organization and between IT and other business departments are still the greatest impediment to implementing repeatable processes based on the Controls.
  • Only 10% of respondents feel they’ve done a complete job of implementing all of the Controls that apply to their organizations.

Download the SANS survey

Black Hat 2013 Recap: Prioritizing Risks, Vulnerabilities is Key

I had the opportunity to attend the annual Black Hat conference in Las Vegas last week (my second) and this time my focus was on speaking with security practitioners (and their archenemies) about thedirection we’re heading regarding Security Intelligence, particularly focused on some of the work we’re doing around risk mitigation and prioritizing vulnerabilities based on various risk factors.

Read more

Gartner Publishes 2013 Magic Quadrant for SIEM 

The Gartner SIEM Magic Quadrant for 2013 has published. The news is out, and IBM Security has improved our position as a Leader in the 2013 Magic Quadrant for SIEM (Security Information and Event Management) again — marking the 5th year in a row that IBM Security/Q1 Labs has achieved this leadership position. For the first time, IBM/Q1 Labs is in the top position in the SIEM MQ.

Read more

Bridging the data security gap – Unified data protection for four key data environments

Today’s IT environment is complex- big data, cloud and virtual, enterprise data, and enterprise application security. How do you protect them all?

Read this e-book and learn how you can implement an effective data security and privacy solution for multiple environments.

Download the eBook

Making Sense of Encryption Technique Options

While it’s easy to get caught up in all the excitement and opportunity of big data, it’s also easy to forget that it’s still affected by the same problems as any other data. Data breaches don’t distinguish between big or “small” data – if there’s value in the data, everything is fair game for attack. One of the most proven lines of defense against data breaches is to protect the data itself with encryption. While there is often the misconception that data encryption is a nice-to-have, there are increasing pressures and challenges.

Read more

InfoSphere Guardium Tech Talk: Implementing a Data Protection and Compliance Solution for IBM i

Date: Thursday, August 29, 2013
Time: 11:30 AM ET/8:30 AM PT
Speakers: Scott Forstie, IBM i development and Larry Burroughs, Guardium WW COE
Hosted by: Kathryn Zeidenstein

IBM i powers many midsize and large companies around the world and is known for its level of integration. Previously, the options for in-depth database monitoring of the integrated DB2 database had significant drawbacks.

The engineering teams from InfoSphere Guardium and IBM i collaborated to deliver a significantly improved database monitoring solution that delivers detailed monitoring data in real time, helping organizations meet the data security and compliance requirements for their industries. This special 90-minute tech talk will help those who are responsible for planning and implementing data protection solutions for IBM i get up to speed on this exciting new technology.

In this tech talk, you will learn:

  • Introduction to InfoSphere Guardium and IBM i
  • The architecture of the new solution and how it overcomes shortcomings of previous solutions
  • How to get up and running, including simple report creation
  • Best practices
  • Troubleshooting


Register here

Visit the Tech Talk wiki page for links to all previous tech talk materials and replays.

On-Demand Webcasts: 
If you missed our recent live broadcast, download these replays to catch up on hot topics, accelerate learning and view demonstrations of IBM data security and privacy solutions.

2013 InfoSphere Guardium Training Courses

Guardium’s training courses help you achieve results quickly and easily. For more information about training, to sign up for a training course, or to schedule a training session, go to:

  • GU201: IBM InfoSphere Guardium Technical Training
    This three-day course offers a balanced mix of lectures, hands-on lab work, case studies, and testing. Students will learn how to create reports, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. Students will also learn about system administration, archiving, purging, and back-ups.
  • 2U201: IBM InfoSphere Guardium 8 Technical Training – New Self-Paced Course  
    In this self-paced course, students will learn how to implement and support Guardium solutions within their environment. The course will highlight report creation, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. See how system administration, archiving, purging, and backups are completed.

Register today! 

Proof of Technology and Technical Demonstrations
To attend one of the Proof of Technology sessions – Email an IBM Representative. Include in your email the location you are interested in attending one.

InfoSphere Guardium Bootcamp for Business Partners

This technical workshop is for IBM business partners who are currently working with or are interested in working with IBM InfoSphere Guardium. It provides training on InfoSphere Guardium in a classroom setting. Detailed presentations and hands-on labs on are included where attendees will gain in-depth knowledge on topics including:

  • InfoSphere Guardium product overview
  • Guardium installation concepts, planning, and configuration
  • Auditing database servers with the Guardium system
  • Monitoring for unusual traffic
  • S-GATE and S-TAP Terminate Functions
  • Vulnerability Assessments
  • Enhanced Enforcement Actions
  • And much more…

Learn how IBM InfoSphere Guardium can add value to your security and data management solutions and extend your market opportunity. Business partners working in the consulting industry who are currently working with or plan to work with InfoSphere Guardium are also welcome to attend.

Schedule and registration information

Please Note: We will send an email confirmation to all registrants 1-2 weeks before the bootcamp begins.

Date Country City Registration Information
Aug 27 – 30, 2013 Brazil Sao Paulo Register here
Sept 10 – 13, 2013 Colombia Bogota Register here
Sept 23 – 26, 2013 Kenya Nairobi Register here

Fore more information, go to IBM InfoSphere Guardium Bootcamp

Upcoming Events
Please visit us at the following upcoming events:

InterConnect 2013
Singapore, Oct. 9-11, 2013

Information on Demand 2013 
Las Vegas, NV – November 3 – 7, 2013; Mandalay Bay

Please join us in Las Vegas, for the industry-leading conference for big data and analytics driven organizations. This year, we will bring together 13,000 business and technology leaders for an in-depth look at Information Management, and ways you can leverage technology for competitive advantage and to uncover entirely new opportunities for growth.

Save with the Early Bird Discount 
Don’t miss Information On Demand 2013! Register by September 13 and save $300 on this must attend event. Also, returning attendees are eligible for an additional $100 savings at registration.  Registering early can also mean savings on hotel rooms and being closer to the action at Information On Demand 2013.

Register today

Executive Meeting Center now open 
More than 170 IBM executives will attend Information On Demand 2013 to meet with you personally.  Executives who are available have a wide range of expertise that covers product development, research, business development, Watson, sales and marketing.  Calendars fill up quickly, so act now to insure you don’t miss this opportunity.  If you would like to meet with an IBM executive, please notify your IBM sales contact who can request a one-on-one meeting on your behalf.  (Note: Only registered attendees may request meetings.)

Blogs

Featured Blog
Four Steps to Data Security in the Cloud

The infamous bank robber Willie Sutton is often quoted as saying that criminals go after banks because “that is where the money is.”  Whatever the source, the intended meaning is of course that thieves try to steal wherever things of value are located.

In the digital age, information is the new source of value.

Read more

IBM Security BlogInstitute for Advanced Security Blog

Social media links
Follow Guardium on www.twitter.com/IBM_Guardium

Follow @IBMSecurity for the latest updates

View the Guardium channel on YouTube


<section_5_content_3><section_5_content_4><section_5_content_5>

 Quick Links

Monitor Data Activity in Real Time 
Identify unauthorized or suspicious activities by continuously monitoring access to databases, data warehouses, Hadoop systems and file share platforms in real time.

Audit and Validate Compliance
Simplify SOX, PCI-DSS, and Data Privacy processes with pre-configured reports and automated oversight workflows (electronic sign-offs, escalations, etc.) to satisfy mandates.

Secure and Protect Big Data Environments 
Build security into big data environments to prevent breaches, ensure data integrity and satisfy compliance.

Protect Data Privacy and Support Compliance 
Develop a holistic approach to data protection to ensure compliance and reduce costs.

Assess Vulnerabilities 
Scan the entire data infrastructure for vulnerabilities and receive an ongoing evaluation of your data security posture, using both real-time and historical data.

Safeguard both Structured and Unstructured Data 
Ensure structured and unstructured data is identified, transformed and audited.

Deliver Security to Cloud and Virtual Environments
Providing comprehensive data protection for cloud, virtual and physical infrastructures.

Produce Better Business Outcomes with Information Governance
Ensure Enhance information integrity, availability and quality.

InfoSphere Data Security and Privacy Offerings:
InfoSphere Discovery
InfoSphere Guardium Data Encryption
InfoSphere Guardium Activity Monitor
InfoSphere Guardium Vulnerability Assessment
InfoSphere Optim Data Privacy

IBM July 2013
Banner top
Webcast: Exposing the Hidden Costs of Database Security Solutions
Date: Thursday, August 1, 2013
Time: 2:00 PM ET/1:00 PM CT/11:00 AM PT
Speakers: Kimberly Madia, IBM Product Marketing Manager;
Amy DeCarlo, Principal Analyst, Security and Data Center Services

Register now.

IT security professionals evaluating various database security solutions will see a slew of benefit statements and favorable pricing, all in an effort to influence a purchase decision toward a specific solution.  Nevertheless, by paying close attention to the features in six key capabilities, decision-makers can calculate the hidden cost of any such solution in three critical areas: Staff, Hardware, and Risk Mitigation.  Once these hidden costs are calculated, line-of-business and IT executives will see a wide disparity between database security offerings from which the solution with the largest organizational value and lowest total cost of ownership may be selected.

In this webcast, we will provide a framework to calculate the financial impact of any database security solution and evaluate the attributes and features:

• Tool monitoring and configuration management
• Reporting capabilities
• Solution administration and management
• APIs and integration methods
• Architecture
• Alerts, policies, and audit reports

Attendees of this webcast will receive a complimentary download of Exposing the Hidden Costs of Database Security Solutions.

Register now.

gray bar

IBM InfoSphere Guardium Newsletter: June 2013
Sunday, June 30th, 2013 | Author:
IBM June 2013




In this Issue:

  • Verizon 2013 Data Breach Investigations Report Now Available
  • IBM InfoSphere Guardium Data Activity Monitoring for MongoDB, Greenplum, and Hadoop
  • File-level Encryption for Data at Rest is a Key Capability to Build a Defense In-depth Approach
  • 5 Big Database Breaches of Spring 2013
  • What Every DBA Should Know About Data Security
  • Live Webcast: Why Information Governance Must be Addressed Now
  • Live Webcast: Exposing the Hidden Costs of Database Security Solutions
  • On Demand Webcast: IBM X-Force 2012 Annual Trend Report
  • InfoSphere Guardium Tech Talk – Planning a Successful Deployment, Part 2
  • InfoSphere Guardium Training Courses
  • Proof of Technology and Technical Demonstrations
  • InfoSphere Guardium Bootcamp for Business Partners
  • Upcoming Events
  • IBM Blogs
  • Quick Links and Resources

 


Verizon 2013 Data Breach Investigations Report  

This year’s Data Breach Investigation Report combines the expertise of 19 organizations from around the globe. Download the report to discover stats that might surprise you – from the percentage of espionage-related attacks to the astonishing length of time it often takes to spot a security breach. By knowing today’s threats, you can better protect your organization tomorrow.

New!  MongoDB, Greenplum and Hadoop data activity monitoring

IBM InfoSphere Guardium Data Activity Monitor for MongoDB
IBM® InfoSphere® Guardium® addresses the fast growing class of NoSQL databases by delivering the first data monitoring and auditing solution for MongoDB to prevent data breaches and avoid compliance violations without sacrificing performance.

Read data sheet. 

Read the DeveloperWorks article series.

Listen to the Webcast Replay – Best Practices for Securing and Protecting MongoDB Data

IBM InfoSphere Guardium Data Activity Monitor for Greenplum Database
IBM® InfoSphere® Guardium® extends its market leading data activity monitoring solution to include leading-edge platforms, such as Greenplum database, to help organizations meet compliance requirements while exploiting new innovations in data processing and analytics.

Read data sheet.

IBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems
IBM® InfoSphere® Guardium® extends its market-leading data activity monitoring solution to Hadoop-based systems including Hive, MapReduce, HBase and HDFS to help organizations meet compliance requirements and protect sensitive data in real time.

Read data sheet.

File-level Encryption for Data at Rest is a Key Capability to Build a Defense In-depth Approach

With all the focus on whistle blowers this month and an increasing awareness of data abuse and misuse, it makes sense to revisit “8 Steps for Holistic Database Security.” The whitepaper was written by several InfoSphere Guardium experts and looks at the key capabilities required to build a defense in depth approach and support the full data security lifecycle. For example:

  • Discovery
  • Vulnerability and configuration assessment
  • Hardening
  • Change auditing
  • Real-time activity monitoring
  • Auditing and compliance reporting
  • Authentication, access control and entitlement management
  • Data encryption

Data encryption is sometimes overlooked because there are a lot of options which make deciding how to proceed very difficult – column encryption, file encryption, application encryption, hardware encryption and more. Other concerns focus on performance and key management. InfoSphere Guardium Data Encryption delivers file level encryption for data at rest with negligible performance overhead, see the benchmark study, as well as centralized key management. It is fully compatible with InfoSphere Guardium Data Activity Monitor, for a more detailed view of the architecture see Beyond Database Encryption featured in the IBM DM Magazine. In addition to helping support the data security lifecycle, encryption is one of the few technologies mandated by regulations such as PCI DSS. Explore how InfoSphere Guardium Data Encryption extends your security posture.

Learn more:
InfoSphere Guardium Data Encryption Solution Sheet

InfoSphere Guardium Data Encryption Architecture Overview

5 Big Database Breaches of Spring 2013
Dark Reading 

This spring’s crop of database breaches has been about as abundant as the pollen count this time of year, and twice as likely to make security researchers’ eyelids twitch. During the past couple of months, data breaches have ranged from the mundane to the fantastic, with each occurrence offering valuable lessons for security professionals with regard to locking down databases and the applications that access them.  The following five high-profile breaches offer some of the low lights of late and what organizations can learn from each of these incidents.

1. A Big Dam Deal
2. Bitcoin DB Blunder
3. $45 Million Database Deficiency
4. Living Social Lost Data
5. Google Bungles Database Defense

Read more

What Every DBA Should Know about Data Security
Dark Reading

Database administrators are the caretakers of an organization’s most precious asset – its data — but rarely do they have the experience and skills required to secure that data. Indeed, the goals of DBAs and security pros are often at odds.

In this Dark Reading report we examine what DBAs should know about security, as well as recommend how database and security pros can work more effectively together to create database environments that are not only functional but highly secure.

Read more

Live Webcast: Why Information Governance Must be Addressed Now

Date: Thursday, July 25, 2013
Time: 2:00 PM ET/ 1:00 PM CT/ 11:00 AM PT

As big data is incorporated into business analytics and decision making, it very quickly becomes another set of data that needs to be integrated with traditional sources of information and governed so that the data is secure, well understood, and trusted. In this session, we will examine the hidden financial penalties for lapsed information governance and untrustworthy data.

Join this webcast as Nathaniel Rowe, research analyst from Aberdeen Group discusses the emergence of big data and the need for flexible and reliable integration and governance.
You will learn:

  • Why big data needs to be governed
  • The cost of doing nothing
  • The benefits of treating information as an asset
  • How to get started

Register here

Live Webcast: Exposing the Hidden Costs of Database Security Solutions


Date: Thursday, August 1, 2013
Time: 2:00 PM ET/1:00 PM CT/11:00 AM PT 

IT security professionals evaluating various database security solutions will see a slew of benefit statements and favorable pricing, all in an effort to influence a purchase decision toward a specific solution.  Nevertheless, by paying close attention to the features in six key capabilities, decision-makers can calculate the hidden cost of any such solution in three critical areas: Staff, Hardware, and Risk Mitigation.  Once these hidden costs are calculated, line-of-business and IT executives will see a wide disparity between database security offerings from which the solution with the largest organizational value and lowest total cost of ownership may be selected.
In this webcast, we will provide a framework to calculate the financial impact of any database security solution.  Evaluate the attributes and features:

  • Tool monitoring and configuration management
  • Reporting capabilities
  • Solution administration and management
  • APIs and integration methods
  • Architecture
  • Alerts, policies, and audit reports

Attendees of this webcast will receive a complimentary download of Exposing the Hidden Costs of Database Security Solutions.

Register now. 

On Demand Webcast: IBM X-Force 2012 Annual Trend Report: Data Breach Issues and Solutions

Gain insight into emerging trends in security and how to address new threats presented by mobile devices, cloud computing, social media and more. And, why IBM’s holistic approach to data security can deliver a much lower total cost of ownership with best-in-class data security and compliance solutions.

In this session, you will learn more about:

  • Types of threats and the varying levels of sophistication
  • Most damaging exploit kits and the java connection
  • Web content trends, vulnerabilities and statistics
  • Operational security practices

Download X-Force 2012 on-demand webcast

Download X-Force 2012 Annual Trend report

InfoSphere Guardium Tech Talk: Planning a successful deployment, Part 2:  Monitoring setup and guidelines

Date: Tuesday, July 16, 2013
Time: 8:30 AM ET
Speakers: Boaz Barkai and Yosef Rozenblit
Hosted by: Kathryn Zeidenstein

In part 1 of this tech talk, our experienced lab services implementers covered installation, configuration, and operational considerations. In Part 2, they will do a deep dive into the recommended process for monitoring, including setting up groups, policies, reports, audit processes for result distribution, threshold and real-time alerting. If time allows, they will also briefly cover additional capabilities such as data level access control and blocking,

Prerequisite:
 Listen to Part 1. Links to replays and charts for part 1 can be found on the Tech Talk wiki page on the InfoSphere Guardium community on developerWorks:  http://ibm.co/Wh9x0o

Register for this Tech Talk

Visit the Tech Talk wiki page for links to all previous tech talk materials and replays.

On-Demand Webcasts: 
If you missed our recent live broadcast, download these replays to catch up on hot topics, accelerate learning and view demonstrations of IBM data security and privacy solutions.

2013 InfoSphere Guardium Training Courses

Guardium’s training courses help you achieve results quickly and easily. For more information about training, to sign up for a training course, or to schedule a training session, go to:

  • GU201: IBM InfoSphere Guardium Technical Training
    This three-day course offers a balanced mix of lectures, hands-on lab work, case studies, and testing. Students will learn how to create reports, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. Students will also learn about system administration, archiving, purging, and back-ups.
  • 2U201: IBM InfoSphere Guardium 8 Technical Training – New Self-Paced Course  
    In this self-paced course, students will learn how to implement and support Guardium solutions within their environment. The course will highlight report creation, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. See how system administration, archiving, purging, and backups are completed.

Register today! 

Proof of Technology and Technical Demonstrations
To attend one of the Proof of Technology sessions – Email an IBM Representative. Include in your email the location you are interested in attending one.

InfoSphere Guardium Bootcamp for Business Partners

This technical workshop is for IBM business partners who are currently working with or are interested in working with IBM InfoSphere Guardium. It provides training on InfoSphereGuardium in a classroom setting. Detailed presentations and hands-on labs on Guardium 8 are included where attendees will gain in-depth knowledge on topics including:

  • InfoSphere Guardium product overview
  • Guardium installation concepts, planning, and configuration
  • Auditing database servers with the Guardium system
  • Monitoring for unusual traffic
  • S-GATE and S-TAP Terminate Functions
  • Vulnerability Assessments
  • Enhanced Enforcement Actions
  • And much more…

Learn how IBM InfoSphere Guardium can add value to your security and data management solutions and extend your market opportunity. Business partners working in the consulting industry who are currently working with or plan to work with InfoSphere Guardium are also welcome to attend.

Schedule and registration information

Please Note: We will send an email confirmation to all registrants 1-2 weeks before the bootcamp begins.

Date Country City Registration Information
Jul 9 – 12, 2013 France Paris Register here
Jul 16 – 19, 2013 China Beijing Register here
Jul 23 – 26, 2013 Vietnam Ho Chi Minh City Register here

Fore more information, go to IBM InfoSphere Guardium Bootcamp

Upcoming Events
Please visit us at the following upcoming events:

Hadoop Summit
San Jose, CA – June 26 – 27, 2013

BlackHat 2013:See IBM, a Platinum sponsor
Las Vegas, NV – July 27 – August 1, 2013; Caesars Palace

Black Hat USA is the show that sets the benchmark for all other security conferences. As Black Hat returns for its 16th year to Las Vegas, we bring together the brightest in the world for six days of learning, networking, and skill building. IBM will be at the Briefings portion of the event July 31 – August 1 and can be found in the Expo Hall at Booth #215. Black Hat USA is offering $100 off Briefing passes for IBM customers using promo code BR100IBM during registration.

Register here.

IBM’s security portfolio provides the security intelligence to help organizations holistically protect its people, infrastructure, data and applications. IBM offers solutions for identity and access management, database security, application development, risk management, endpoint management, network security and more. IBM monitors 13 billion security events per day in more than 130 countries and holds more than 3,000 security patents. For more information please visit us at ibm.com/security.

NoSQL Now Conference
San Jose, CA – August 20-22, 2013
Session: Architecting a secure and compliant MongoDB environment

Information on Demand 2013 
Registration is now open!  
Las Vegas, NV – November 3 – 7, 2013; Mandalay Bay

Please join us in Las Vegas, November 3-7 at Information on Demand, the industry-leading conference for big data and analytics driven organizations.

About the IOD conference:  This year, we will bring together 13,000 business and technology leaders for an in-depth look at Information Management, and ways you can leverage technology for competitive advantage and to uncover entirely new opportunities for growth.

super server

Take advantage of a new Super Saver rate, reducing the standard registration fee by $600 when you enroll by July 10th, 2013
Also, alumni can save an extra $100 on registration, bringing total savings to $700 for returning attendees (when combined with the super saver discount).

Blogs 

The Big Data Hub Blog

Institute for Advanced Security Blog

IBM InfoSphere Guardium Newsletter: May 2013
Thursday, May 30th, 2013 | Author:
IBM May 2013




In this Issue:

  • Getting Started with Information Governance: The Security and Privacy Approach, IBM Data Magazine
  • Information on Demand 2013 – Registration is Now Open!
  • DarkReading Database Security Tech Center
  • InfoSphere Guardium Tech Talk – Closing Your Security Gaps with Security Intelligence
  • InfoSphere Guardium Tech Talk – Planning an InfoSphere Guardium Deployment
  • Video demo: IBM InfoSphere Guardium: Turn big data environments into a highly secure platform for growth
  • A Closer Look at Auditing and Compliance for IMS Using InfoSphere Guardium
  • Video Tutorials of InfoSphere Guardium
  • Tech Tip: Integration of InfoSphere Guardium Reports with Business Intelligence Tools
  • InfoSphere Guardium Training Courses
  • Proof of Technology and Technical Demonstrations
  • InfoSphere Guardium Bootcamp for Business Partners
  • Upcoming Events
  • IBM Blogs
  • Quick Links and Resources

Getting Started with Information Governance: The Security and Privacy Approach
IBM Data Magazine

We’ll take a look at approach that is chosen by many organizations—putting data privacy and security policies into place to protect enterprise information. It is hardly surprising that data privacy and security concerns rise to the top of the list for organizations in a number of industries. The results of poor data protection are well known far beyond the IT community. Aberdeen Group has found that the average cost of a security incident from the era of big data is USD40M.1 Data breaches lead to the sort of headlines no CEO wants to see, and have long-lasting and far-reaching impacts on both businesses and consumers

Read more. 

Information on Demand 2013 

Registration is now open!  
Las Vegas, NV – November 3 – 7, 2013; Mandalay Bay

Please join us in Las Vegas, November 3-7 at Information on Demand, the industry-leading conference for big data and analytics driven organizations.

About the IOD conference:  This year, we will bring together 13,000 business and technology leaders for an in-depth look at Information Management, and ways you can leverage technology for competitive advantage and to uncover entirely new opportunities for growth.

super server

Take advantage of a new Super Saver rate, reducing the standard registration fee by $600 when you enroll by June 28.

Also, alumni can save an extra $100 on registration, bringing total savings to $700 for returning attendees.

DarkReading Database Security Tech Center

DarkReading’s Database Security Tech Center is your portal to all the news, product information, technical data, and other information related to the topic of database security.  Written for database administrators and businesspeople as well as security and IT professionals, the Database Security Tech Center is a single community dedicated to protecting one of the most sensitive assets in cyberspace: the company database.

New reports include:
Security Implications Of Big Data Strategies
A Guide to Database Activity Monitoring
Control And Protect Sensitive Information In The Era Of Big Data

InfoSphere Guardium Tech Talk: How to Close your Security Gaps by Integrating Security Intelligence 

Date: Wednesday, June 5, 2013
Time: 8:30AM PT /10:30AM CT / 11:30AM ET
Hosted By: Kathryn Zeidenstein
Presented By: Steven Keim, Luis Casco-Arias

Many organizations are struggling with the growing gap between the vulnerability of critical data and security defenses.

In this tech talk, you will learn how combining the industry-leading security intelligence capabilities of IBM® QRadar® Security Intelligence Platform with the robust data security capabilities of IBM InfoSphere® Guardium®, organizations can gain actionable insights to reduce security risks at all layers and boost compliance across the enterprise. InfoSphere Guardium can enhance the IBM QRadar cross-IT correlation engine capabilities by providing it with the results of Guardium in-depth analysis and audit of database activity.  You will see how to prevent data exfiltration and detect data breaches faster using the integration of QRadar QFlow (for content capture via deep packet inspection), QRadar SIEM (for advanced correlation and incident management), InfoSphere Guardium Data Security (for database monitoring and alerting) and X-Force Threat Intelligence (for IP address insight).

What we will discuss:

  • Overview of IBM Security Platform and where QRadar and Guardium fit into the bigger security picture
  • Learn about new integration between these solutions and the benefits
  • Demo of “Anatomy of an Attack” and how the solutions help you detect and prevent breaches

Register here.

InfoSphere Guardium Tech Talk: Planning an InfoSphere Guardium Deployment 

Date: Thursday, June 20, 2013
Time: 8:30AM PT /10:30AM CT / 11:30AM ET
Hosted By: Kathryn Zeidenstein
Speakers: Boaz Barkai InfoSphere Guardium WW Practice Lead and Yosef Rosenblit, InfoSphere Guardium WW Services Lead

We can all use a little advice from those who have gone before. If you are planning a new deployment of InfoSphere Guardium or are expanding an existing one,  Our speakers have years of experience in guiding customer deployments, and in this talk they will provide a blueprint to help you plan for a deployment. They will also offer advice on  how to manage the environment post-deployment.  You’ll learn:

  • What architecture options need to be considered
  • What team members need to be involved
  • What business requirements and drivers need to be understood
  • How to manage the solution post deployment

Register here.

Replay – InfoSphere Guardium Tech Talk: Implementing InfoSphere Guardium Database Activity Monitoring for DB2 for z/OS

With the release of InfoSphere Guardium V9.0, significant enhancements have been made to the support for InfoSphere Guardium on z/OS to make it easier to get up and running and for improved performance. Roy Panting, from the InfoSphere Guardium center of excellence team, and Ernie Mancill, Executive IT Specialist, provide insight into how InfoSphere Guardium is a necessary complement to existing security solutions such as RACF, describe how performance has improved over time, and offer step by step guidance for planning a deployment.

Watch the replay.

Visit the Tech Talk wiki page for links to all previous tech talk materials and replays.

Video demo: IBM InfoSphere Guardium: Turn big data environments into a highly secure platform for growth

Watch this video and learn how IBM InfoSphere Guardium data security and privacy solutions take a holistic approach to data security and compliance to transform big data environments into highly secure platforms for growth.

View now

A Closer Look at Auditing and Compliance for IMS Using InfoSphere Guardium 

Download PDF
Although data that’s housed in the mainframe (and in IMS™ in particular) is perceived to be safe from attack, as more data flows through web- and cloud-enabled applications, the risk increases. And even though damage caused by accidental or intentional leakages by administrators can also be significant, it is often unaccounted for by normal database controls.

IBM® InfoSphere® Guardium® introduced support for IMS auditing in Version 8.2 and has enhanced that capability in Version 9.0, which became generally available in October, 2012. InfoSphere Guardium supports auditing for IMS Versions 9 through 12, as well as IMS Version 13 (through its QPP program).

InfoSphere Guardium is already used by hundreds of organizations around the world as a comprehensive data activity monitoring and compliance solution with solid mainframe support for IMS, DB2® and VSAM data monitoring.

Read more. 

Video Tutorials on InfoSphere Guardium 

This website contains links to video recordings from original webcasts and goes into detail on policy rules and how they work. These are a “Must View” series for anyone who will be working with InfoSphere Guardium.

Here are the direct links:
Part 1: Default Logging Behavior and introduction to Constructs: http://www.youtube.com/watch?v=JUBd0EgL9qg 
Part 2: Log Full Details: http://www.youtube.com/watch?v=ftsdQq-RIYU 
Part 3: Ignore Session rules: http://www.youtube.com/watch?v=pklPGc7RVW8 
Part 4: Alert rules and rule order: http://www.youtube.com/watch?v=EG5TMlEQFno

Tech Tip: Integration of InfoSphere Guardium Reports with Business Intelligence Tools 

IBM developerWorks

This article describes the facilities IBM InfoSphere Guardium provides for integration with Business Intelligence products. Specifically the availability of reports on mobile devices is limited and direct access via mobile devices to the Guardium appliances weakens the overall security concept. Hence, a logical step is to export the data, analyze it with existing Business Intelligence solutions, e.g. IBM’s Cognos Business Intelligence, and provide custom reports to mobile end devices. This approach guarantees the integrity of the database activity monitoring environment as well as the accessibility of essential reports.

IBM’s InfoSphere Guardium protects the information infrastructure of a company and gathers data to report on. Leveraging Business Intelligence suite’s advanced analytics features and mobile provisioning, IBM InfoSphere Guardium data becomes part of an all-encompassing reporting in the organization.

Read more. 

On-Demand Webcasts: 
If you missed our recent live broadcast, download these replays to catch up on hot topics, accelerate learning and view demonstrations of IBM data security and privacy solutions.

2013 InfoSphere Guardium Training Courses

Guardium’s training courses help you achieve results quickly and easily. For more information about training, to sign up for a training course, or to schedule a training session, go to:

  • GU201: IBM InfoSphere Guardium Technical Training - This three-day course offers a balanced mix of lectures, hands-on lab work, case studies, and testing. Students will learn how to create reports, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. Students will also learn about system administration, archiving, purging, and back-ups.
  • 2U201: IBM InfoSphere Guardium 8 Technical Training – New Self-Paced Course - In this self-paced course, students will learn how to implement and support Guardium solutions within their environment. The course will highlight report creation, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. See how system administration, archiving, purging, and backups are completed.

Register today!

Proof of Technology and Technical Demonstrations
To attend one of the Proof of Technology sessions – Email an IBM Representative. Include in your email the location you are interested in attending one.

InfoSphere Guardium Bootcamp for Business Partners

This technical workshop is for IBM business partners who are currently working with or are interested in working with IBM InfoSphere Guardium. It provides training on InfoSphereGuardium in a classroom setting. Detailed presentations and hands-on labs on Guardium 8 are included where attendees will gain in-depth knowledge on topics including:

  • InfoSphere Guardium product overview
  • Guardium installation concepts, planning, and configuration
  • Auditing database servers with the Guardium system
  • Monitoring for unusual traffic
  • S-GATE and S-TAP Terminate Functions
  • Vulnerability Assessments
  • Enhanced Enforcement Actions
  • And much more…

Learn how IBM InfoSphere Guardium can add value to your security and data management solutions and extend your market opportunity. Business partners working in the consulting industry who are currently working with or plan to work with InfoSphere Guardium are also welcome to attend.

Schedule and registration information

Please Note: We will send an email confirmation to all registrants 1-2 weeks before the bootcamp begins.

Date Country City Registration Information
June 4 – 7, 2013 Ukraine Kiev Register here
June 9 – 13, 2013 United Arab Emirates Abu Dhabu Register here
June 10 – 14, 2013 Mexico Mexico City Register here

Fore more information, go to IBM InfoSphere Guardium Bootcamp

Upcoming Events
Please visit us at the following upcoming events:

Innovate 2013
Orlando, FL – June 2 – 6, 2013

Gartner Security & Risk Management Summit
National Harbor, MD – June 10 – 13, 2013

IBM Edge 2013
Las Vegas, NV – June 10 – 14, 2013

Big Data, Integration, & Governance Forum
St. Louis, MO – June 11, 2013
Paris, France – June 11, 2013

Join us at an IBM Big Data, Integration and Governance Forum to hear from industry experts on how to turn your ever-growing supply of data into an enterprise source of knowledge. The forum—which addresses both strategies and technologies—will identify the pains associated with the overabundance of information and spur thinking around building an information strategy for smarter analytics.

Register today for the IBM Big Data, Integration and Governance Forum near you. 


Hadoop Summit

San Jose, CA – June 26 – 27, 2013

Blogs 

The Big Data Hub Blog

Institute for Advanced Security Blog

IBM InfoSphere Guardium Newsletter: April 2013
Wednesday, May 01st, 2013 | Author:
IBM April 2013




In this Issue:

  • IBM X-Force 2012 Annual Trend & Risk Report
  • IBM PureSystems Turning One and Tackling Big Data, ITBusinessEdge Server Watch
  • Big Data Storage Buying Guide, Enterprise Storage Forum.com
  • Hardening a Teradata Database: Best Practices for Access Rights Management
  • Live Webcast – Secure All Your ‘Data at Rest’ with IBM Key Lifecycle Management
  • Live Webcast – IBM X-Force 2012 Trend Report: Cyber vs. Insider Data Breaches
  • InfoSphere Guardium Tech Talk – Implementing Database Activity Monitoring for DB2 for z/OS
  • Live Webcast – Best Practices for Securing and Protecting MongoDB Data, 10Gen
  • Tech Tip: Accelerate the Path to PCI-DSS Data Compliance Using InfoSphere Guardium
  • InfoSphere Guardium Training Courses
  • Proof of Technology and Technical Demonstrations
  • InfoSphere Guardium Bootcamp for Business Partners
  • Upcoming Events
  • IBM Blogs
  • Quick Links and Resources

IBM X-Force 2012 Annual Trend & Risk report has released! 

IBM X-Force monitors the latest threat trends including vulnerabilities, exploits and active attacks, viruses and other malware, spam, phishing, and malicious web content.
Looking back over the year, there was a measurable increase in the public announcements of security incidents and breaches, where SQL injection and DDoS attacks continued to wreak havoc on IT infrastructures.

Over the past year the discovery of sophisticated toolkits with ominous names like Flame to cross-platform zero-day vulnerabilities, had both consumers and corporations inundated with advisories and alerts regarding emerging threats. The frequency of data breaches and incidents—which had already hit a new high in 2011—continued their upward trajectory.

Read more
IBM PureSystems Turning One and Tackling Big Data 
ITBusinessEdge ServerWatch

“Over the past year, the IBM PureSystems family of expert integrated systems has continued to expand to meet the evolving needs of clients and partners around the world,” Jason McGee, IBM Fellow and IBM CTO for IBM PureApplication System, told ServerWatch.

McGee noted that the PureSystems family of server systems has been particularly well suited to help those organizations that are trying to transform their businesses and take advantage of opportunities being afforded by cloud, mobile and Big Data, but are challenged by a lack of IT skills and resources.

“PureData for Hadoop is also architected for high availability and features best in class security for Hadoop with advancements in both BigInsights and integration with Guardium software.”

Read more.

Big Data Storage Buying Guide
Don’t Forget Security
Enterprise Storage Forum.com

Enterprise Storage Forum has prepared a series of buying guides covering all aspects of storage. This one takes a somewhat different tack, providing advice from analysts on how storage managers should be addressing big data.

An integral part of strategy is how to secure that growing stash of unstructured data.  …the open source distribution of Hadoop does not include many security capabilities, though commercial distributions such as Shadoop can often add features such as access control, audit logging and authentication. In addition, IBM InfoSphere Guardium has introduced tools for securing big data environment. Disk encryption is another recommended action.

Read more. 

Hardening A Teradata Database: Best practices for access rights management (PDF, 1.8MB)

This joint IBM – Teradata white paper provides an overview and identifies best practices for access rights management for the Teradata Database not only to protect your data, but also to improve overall performance for authorization checking. And, introduces IBM InfoSphere® Guardium Vulnerability Assessment as an aid to help organizations automate the detection of vulnerabilities and to provide guidance on recovering from failures of Vulnerability Assessment tests.

Live Webcast: Secure All Your “Data at Rest” with IBM Key Lifecycle Management

Date: Wednesday, May 8, 2013
Time: 11:00AM ET
Speaker: Gordon Arnold

Targeted attacks on critical data continue to escalate and regulatory compliance to protect data has become increasingly more demanding. Encryption has been viewed as one of the most reliable ways to protect data and comply with regulations but it was also considered complex to implement. Today encryption has become the most critical component in an organization’s arsenal to meet compliance objectives, while at the same time it has become much easier to implement and manage successfully. The problem is knowing when and where to use encryption, how it can simplify the task of proving compliance and what controls need to be in place to ensure it delivers on its promise. This overview will help provide a look into the options for encryption and practical advice on how to deploy options like encrypted storage with key management will be a focus for this talk.

Register now


Live Webcast: IBM X-Force 2012 Annual Trend Report: Data Breach Issues and Solutions

Date: Thursday, May 9, 2013
Time: 2:00 PM ET / 11:00 AM PT
Speakers: Robert Freeman, IBM X-Force Advanced Research and Kimberly Madia, Product Marketing for InfoSphere Guardium

Join Robert Freeman of IBM X-Force® Advanced Research as he presents an in-depth analysis of 2012 public vulnerability disclosures and discusses important lessons learned.
In this session, you will learn:

  • Types of threats and the varying levels of sophistication
  • Most damaging exploit kits and the java connection
  • Web content trends, vulnerabilities and statistics
  • Operational security practices

Gain insight into emerging trends in security and how to address new threats presented by mobile devices, cloud computing, social media and more. And, why IBM’s holistic approach to data security can deliver a much lower total cost of ownership with best-in-class data security and compliance solutions

Register here.

InfoSphere Guardium Tech Talk: Implementing Database Activity Monitoring with DB2 for z/OS

Date: Thursday, May 16, 2013 
Time: 
11:30 AM ET / 8:30 AM PT

Hosted by:
 Kathryn Zeidenstein (IBM)

IBM Presenters: Roy Panting and Ernest Mancill

Learn how to manage multiple IBM InfoSphere Guardium appliances in heterogeneous environments and understand the tools available for system self-monitoring and system tuning. Members of our L3 support organization will cover best practices in maintaining, upgrading and expanding your InfoSphere Guardium environment.

For more information about this tech talk, contact Kathy Zeidenstein at krzeide@us.ibm.com or visit the Tech Talk page on the Guardium community wiki. http://ibm.co/Wh9x0o

Register here.

 

Live Webcast: Best Practices for Securing and Protecting MongoDB Data
Hosted by 10Gen

Date: Wednesday, May 29, 2013
Time: 2:00 PM ET/1:00 PM CT/11:00 AM PT
Duration: 60 minutes
IBM Presenters: 
Kathryn Zeidenstein, InfoSphere Guardium Evangelist and Sundari Voruganti, QA Lead

The value of the fast growing class of NoSQL databases is the ability to handle high velocity and volumes of data while enabling greater agility with dynamic schemas.  MongoDB gives you those benefits while also providing a rich querying capability and a document model for developer productivity. Many organizations are just getting started with MongoDB, and now is the time to build security into the environment to save time, prevent breaches and avoid compliance violations. This session describes several tips to get started ensuring security of MongoDB data, including real-time activity monitoring capability developed by IBM and validated by 10gen, the MongoDB Company. We will cover protection of data in motion and data at rest to build a defense in depth approach.

In this session you will learn:

  • How to evaluate the data security and privacy landscape and determine risk factors
  • New capabilities in MongoDB for authentication and management of data access
  • New capabilities in IBM InfoSphere Guardium data security and protection solutions to help  organizations monitor access to sensitive collections, log details of privileged user activity, detect risky query practices, and much more.

Register here 

Tech Tip: Accelerate the Path to PCI-DSS Data Compliance Using InfoSphere Guardium

Use prebuilt reports, policies, and groups to simplify configuration 

This article gives you a step-by-step overview of using the Payment Card Industry (PCI) Data Security Standard (DSS) accelerator that is included with the standard InfoSphere® Guardium® data security and protection solution. The PCI-DSS is a set of technical and operational requirements designed to protect cardholder data and applies to all organizations who store, process, use, or transmit cardholder data. Failure to comply can mean loss of privileges, stiff fines, and, in the case of a data breach, severe loss of consumer confidence in your brand or services. The InfoSphere Guardium accelerator helps guide you through the process of complying with parts of the standard using predefined policies, reports, group definitions, and more.

In this article, you will learn:

  • How to install the accelerator and configure a PCI role that will see the GUI enhancements specifically for the PCI accelerator.
  • The layout of the accelerator and the reports that are included to demonstrate compliance. You will learn how to add members to groups that will enable those reports to return the correct information. The article also briefly discusses security policies and rules.
  • How to use audit processes to automate compliance workflow for reviews and sign-offs.

Read more.

On-Demand Webcasts: 

If you missed our recent live broadcast, download these replays to catch up on hot topics, accelerate learning and view demonstrations of IBM data security and privacy solutions.

2013 InfoSphere Guardium Training Courses

Guardium’s training courses help you achieve results quickly and easily. For more information about training, to sign up for a training course, or to schedule a training session, go to:

  • GU201: IBM InfoSphere Guardium Technical Training - This three-day course offers a balanced mix of lectures, hands-on lab work, case studies, and testing. Students will learn how to create reports, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. Students will also learn about system administration, archiving, purging, and back-ups.
  • 2U201: IBM InfoSphere Guardium 8 Technical Training – New Self-Paced Course - In this self-paced course, students will learn how to implement and support Guardium solutions within their environment. The course will highlight report creation, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. See how system administration, archiving, purging, and backups are completed.

Register today!

Proof of Technology and Technical Demonstrations
To attend one of the Proof of Technology sessions – Email an IBM Representative. Include in your email the location you are interested in attending one.

InfoSphere Guardium Bootcamp for Business Partners

This technical workshop is for IBM business partners who are currently working with or are interested in working with IBM InfoSphere Guardium. It provides training on InfoSphereGuardium in a classroom setting. Detailed presentations and hands-on labs on Guardium 8 are included where attendees will gain in-depth knowledge on topics including:

  • InfoSphere Guardium product overview
  • Guardium installation concepts, planning, and configuration
  • Auditing database servers with the Guardium system
  • Monitoring for unusual traffic
  • S-GATE and S-TAP Terminate Functions
  • Vulnerability Assessments
  • Enhanced Enforcement Actions
  • And much more…

Learn how IBM InfoSphere Guardium can add value to your security and data management solutions and extend your market opportunity. Business partners working in the consulting industry who are currently working with or plan to work with InfoSphere Guardium are also welcome to attend.

Schedule and registration information

Please Note: We will send an email confirmation to all registrants 1-2 weeks before the bootcamp begins.

Date Country City Registration Information
May 20 – 24, 2013 Korea Seoul Register here
May 27 – 31, 2013 Russia Moscow Register here
June 4 – 7, 2013 Ukraine Kiev Register here

Fore more information, go to IBM InfoSphere Guardium Bootcamp

Upcoming Events
Please visit us at the following upcoming events:

Big Data, Integration, & Governance Forum
Toronto, Canada – May 9, 2013
Pittsburgh, PA – May 16, 2013
St. Louis, MO – June 11, 2013
Paris, France – June 11, 2013

Join us at an IBM Big Data, Integration and Governance Forum to hear from industry experts on how to turn your ever-growing supply of data into an enterprise source of knowledge. The forum—which addresses both strategies and technologies—will identify the pains associated with the overabundance of information and spur thinking around building an information strategy for smarter analytics.

Register today for the IBM Big Data, Integration and Governance Forum near you. 

ISSA CISO Executive Forum
Dallas, TX – May 9 – 10, 2013

X-Force Evolving Threats 2013 
Milwaukee, WI – May 14, 2013
Atlanta, GA – May 21, 2013
Dallas, TX – May 21, 2013
Southfield/Detroit, MI – May 22, 2013
San Francisco, CA – May 23, 2013
Washington, DC – May 23, 2013

Blogs 

The Big Data Hub Blog

Institute for Advanced Security Blog

Quick Links
Monitor Data Activity in Real Time 
Identify unauthorized or suspicious activities by continuously monitoring access to databases, data warehouses, Hadoop systems and file share platforms in real time.

Audit and Validate Compliance
Simplify SOX, PCI-DSS, and Data Privacy processes with pre-configured reports and automated oversight workflows (electronic sign-offs, escalations, etc.) to satisfy mandates.

Secure and Protect Big Data Environments 
Build security into big data environments to prevent breaches, ensure data integrity and satisfy compliance.

Protect Data Privacy and Support Compliance 
Develop a holistic approach to data protection to ensure compliance and reduce costs.

Assess Vulnerabilities 
Scan the entire data infrastructure for vulnerabilities and receive an ongoing evaluation of your data security posture, using both real-time and historical data.

Safeguard both Structured and Unstructured Data 
Ensure structured and unstructured data is identified, transformed and audited.

Produce Better Business Outcomes with Information Goverance
Ensure Enhance information integrity, availability and quality

InfoSphere Data Security and Privacy Offerings:
InfoSphere Discovery
InfoSphere Guardium Data Encryption
InfoSphere Guardium Activity Monitor
InfoSphere Guardium Vulnerability Assessment
InfoSphere Optim Data Privacy

Social media links
Follow Guardium on www.twitter.com/IBM_Guardium

Follow @IBMSecurity for the latest updates

View the Guardium channel on YouTube

IBM InfoSphere Guardium eNewsletter: March 2013
Tuesday, April 02nd, 2013 | Author:
March 2013

In this Issue:

  • IBM Recognized as Big Data Market Share Leader, Wikibon
  • More Than Half of Banks Hit by DDos Attacks Last Year, Bank Systems & Technology
  • Retail Security in the Age of Big Data, SC Magazine UK 
  • Pulse 2013 – Big IP-ASM and IBM InfoSphere Guardium
  • More Improvements to SIEM than Big Data, Dark Reading
  • ISSA Webcast – IBM X-Force 2012 Trend Report: Cyber vs. Insider Data Breaches
  • InfoSphere Guardium Tech Talk – Take Control of Your InfoSphere Guardium Appliance
  • New Automated System for Submitting Product Enhancement Requests
  • Tech Tip: Use Data-Level Security for Granular Access Control of Auditing Results
  • InfoSphere Guardium Training Courses
  • Proof of Technology and Technical Demonstrations
  • InfoSphere Guardium Bootcamp for Business Partners
  • Upcoming Events
  • IBM Blogs
  • Video: The Role Big Data Plays in Solving Complex Security Challenges
  • Podcast: How to Build Big Data Security into Big Data Environments
  • Quick Links and Resources

IBM Recognized as Big Data Market Share Leader
Big Data Vendor Revenue and Market Forecast 2012-2017
Wikibon 

Further validation of IBM’s leadership in the big data market comes from Wikibon, the Web’s first and largest technology research and advisory organization.  In their recentBig Data Vendor Revenue and Market Forecast 2012-2017, IBM is the undisputed market share leader, topping 60 other vendors evaluated.

In the report, Wikibon states: “Market-leader IBM offers by far the largest product and services portfolio by both breadth and depth. The company also supports its Big Data practice with a well-crafted, high-level marketing campaign focused around its Smarter Planet initiative that often includes illustrations of real-world Big Data deployments.”

Wikibon projects the Big Data market to top $18 billion in 2013, a growth rate of 61%. Looking beyond 2013, Wikibon forecasts the total Big Data market to approach $50 billion by 2017, which translates to a 31% compound annual growth rate over the five-year period 2012-2017.

Read more.

More Than Half of Banks Hit by DDoS Attacks Last Year, Study Finds 
Bank Systems & Technology 

In a recent survey conducted by the Ponemon Institute, more than half of the banking IT professionals in the study said their bank had experienced at least one DDoS in the previous 12 months. U.S. banks became very familiar with Distributed Denial of Service (DDoS) attacks after a number of them were hit by such attacks last year. But a new study by the Ponemon Institute, an independent research firm focused on information security, sheds some new light on just how widespread the attacks were. The Ponemon Institute surveyed 650 banking IT professionals for the study from institutions ranging from community banks to national ones, with more than 64% of them working with institutions with at least 1,000 employees.

Read more.

Retail Security in the Age of Big Data
SC Magazine UK

Retailers are discovering that the more of this ‘big data’ they can collect and analyse, the better they can serve their customers and optimise their own operations. Vast amounts of customer data (from demographics, to product-purchase histories, to online conversations) can now be analysed to predict customer needs and orchestrate partners and suppliers in greater responsiveness to changes in buying behavior.

With data being the new world currency and the cost of maintaining and protecting it running exponentially higher than the cost of capturing it in the first place, the security of data is assuming a new importance among retailers.

Retailers are responsible for protecting not only their own information, but the information of their customers as well. They are also faced with a diverse array of threats that are creating new potential vulnerabilities, such as theft of customer information and credit card data.

Read more.

Pulse 2013 – BIG-IP ASM & IBM InfoSphere Guardium
Peter Silva
F5 DevCenter 

Learn about the integration between BIG-IP ASM and IBM’s InfoSphere Guardium offering real time data security along with contextual meta data associated with the SQL data. Each enhances the other to provide both defense-in-depth protection and contextual security information. Powerful stuff.

Read more.

More Improvements To SIEM Than Big Data
DarkReading 

For big companies looking to spend big budgets, the Big Data pitch for security information and event management (SIEM) systems is a good fit. But other improvements are on the way 

With large enterprises seeking to gain situational awareness into what is happening on hundreds, if not thousands of network devices, using the business analytics model of Big Data makes sense.

“More and more customers are asking what they can add to the platform and what can be added to the platform,” says Michael Applebaum, program director at IBM Security Systems. “You can draw more insight with who is doing what with what systems and in what situations.

Read more. 

ISSA Webcast: IBM X-Force 2012 Trend Report: Cyber vs. Insider Data Breaches
Sponsored by IBM

Date: Tuesday, April 23, 2013
Time: 12:00 to 2:00 p.m. ET
Presenter: Robert Freeman, Manager X-Force Research

Attackers and unscrupulous users constantly adapt their techniques to evade new security measures, easily bypassing traditional perimeter defenses. Join Robert Freeman, Manager, IBM X-Force® Advanced Research as he presents the results of the “IBM X-Force 2012 Trend and Risk Report,” an in-depth analysis of public vulnerability disclosures findings.
In this webcast, you will learn why data attacks continue to be pervasive and why we are seeing more than ever how systems interconnectedness, poor policy enforcement, and human error, is far more influential than any singles security vulnerability. A holistic approach to data security approach is essential for the protection of the entire ecosystem.

Register here.

InfoSphere Guardium Tech Talk: Take Control of Your InfoSphere Guardium Appliance

Date: Thursday, April 11, 2013
Time: 11:30 AM – 12:30 PM (Eastern Time)
Hosted by: Kathryn Zeidenstein (IBM)
Presented by: Daniel Perlov, L2 Support Manager (IBM), Abdiel Santos, L3 Support Engineer (IBM)

Learn how to manage multiple IBM InfoSphere Guardium appliances in heterogeneous environments and understand the tools available for system self-monitoring and system tuning. Members of our L3 support organization will cover best practices in maintaining, upgrading and expanding your InfoSphere Guardium environment.

This session will be recorded and will be available via audiocast, so you can dial in or listen through your computer speakers.

For more information about this tech talk, contact Kathy Zeidenstein at krzeide@us.ibm.com or visit the Tech Talk page on the Guardium community wiki. http://ibm.co/Wh9x0o
Slides will be available for download on the wiki page by the day of the talk.

Register here.

New Automated System for Submitting Product Enhancement Requests

You can now use the IBM RFE system on developerWorks to submit product enhancement requests for InfoSphere Guardium. This is the preferred way to submit enhancement requests moving forward. The direct link is here: https://www.ibm.com/developerworks/rfe

You can find step by step instructions in the InfoSphere Guardium community wiki here:http://bit.ly/guardrfe

Tech Tip: Use data-level security for granular access control of auditing results in InfoSphere Guardium

Ensure separation of duties based on the originating data source

Tansel Zenginler, Data Governance Solutions Architect, IBM
Kathryn Zeidenstein, InfoSphere Guardium Evangelist, IBM

IBM® InfoSphere® Guardium® offers enterprise-wide data activity monitoring for data protection and auditing. Two critical elements to consider for a successful enterprise implementation of InfoSphere Guardium for enterprise-wide data protection and audit include support for separation of duties, and enterprise deployment capabilities that eliminate redundant configurations and streamline enterprise deployments to match your organizational structures. By using Guardium data-level security mechanisms, administrators can assign responsibilities for particular databases or systems to individuals (or groups) which aligns with their hierarchical organizational structure. This article describes the benefits of data-level security as well as step-by-step instructions for implementing the solution for a sample scenario.

Read more.

On-Demand Webcasts: 
If you missed our recent live broadcast, download these replays to catch up on hot topics, accelerate learning and view demonstrations of IBM data security and privacy solutions.

2013 InfoSphere Guardium Training Courses

Guardium’s training courses help you achieve results quickly and easily. For more information about training, to sign up for a training course, or to schedule a training session, go to:

  • GU201: IBM InfoSphere Guardium Technical Training - This three-day course offers a balanced mix of lectures, hands-on lab work, case studies, and testing. Students will learn how to create reports, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. Students will also learn about system administration, archiving, purging, and back-ups.
  • 2U201: IBM InfoSphere Guardium 8 Technical Training – New Self-Paced Course - In this self-paced course, students will learn how to implement and support Guardium solutions within their environment. The course will highlight report creation, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. See how system administration, archiving, purging, and backups are completed.

Register today!

Proof of Technology and Technical Demonstrations
To attend one of the Proof of Technology sessions – Email an IBM Representative. Include in your email the location you are interested in attending one.

InfoSphere Guardium Bootcamp for Business Partners

This technical workshop is for IBM business partners who are currently working with or are interested in working with IBM InfoSphere Guardium. It provides training on InfoSphereGuardium in a classroom setting. Detailed presentations and hands-on labs on Guardium 8 are included where attendees will gain in-depth knowledge on topics including:

  • InfoSphere Guardium product overview
  • Guardium installation concepts, planning, and configuration
  • Auditing database servers with the Guardium system
  • Monitoring for unusual traffic
  • S-GATE and S-TAP Terminate Functions
  • Vulnerability Assessments
  • Enhanced Enforcement Actions
  • And much more…

Learn how IBM InfoSphere Guardium can add value to your security and data management solutions and extend your market opportunity. Business partners working in the consulting industry who are currently working with or plan to work with InfoSphere Guardium are also welcome to attend.

Schedule and registration information

Please Note: We will send an email confirmation to all registrants 1-2 weeks before the bootcamp begins.

Date Country City Registration Information
Apr 2 – 5, 2013 United Kingdom Hursley Register here
Apr 2 – 5, 2013 Thailand Bangkok Register here
Apr 9 – 12, 2013 Singapore Singapore Register here
Apr 9 – 12, 2013 Malaysia Kuala Lumpur Register here
Apr 16 – 19, 2013 Vietnam Hanoi Register here

Fore more information, go to IBM InfoSphere Guardium Bootcamp

Upcoming Events
Please visit us at the following upcoming events:

Big Data, Integration, & Governance Forum
Chengdu, China – April 2, 2013
Columbus, OH – April 9, 2013
Tokyo, Japan – April 11, 2013
Berlin, Germany – April 15, 2013
Atlanta, GA – April 16, 2013
Charlotte, NC – April 18, 2013
London, UK – April 26, 2013

Join us at an IBM Big Data, Integration and Governance Forum to hear from industry experts on how to turn your ever-growing supply of data into an enterprise source of knowledge. The forum—which addresses both strategies and technologies—will identify the pains associated with the overabundance of information and spur thinking around building an information strategy for smarter analytics.

Register today for the IBM Big Data, Integration and Governance Forum near you. 

COLLABORATE 2013
Denver, CO – April 7-11, 2013; Colorado Convention Center
IBM Booth 1109
Drive a new era of performance with flexible solutions.

IBM will be back and better than ever at Collaborate 2013!  Collaborate is the annual gathering of three of Oracle’s biggest and most influential user groups - OAUGQuest and IOUG.
Below is a sample listing of 8 of 30 sessions that IBM will be leading.

Session ID Session Title
13118 Big Data, Integration and Governance: Ask the Experts
871 Big Data Analytics, ‘R’ You Ready?
109020 Anatomy of a JD Edwards Archiving Project
Keynote Are you ready for the New Era of Computing and Big Data?
109010 Best Practices for Securing and Privatizing your PeopleSoft Data
103360 Why Mask Big Data?
998 Business Driven Data Security and Privacy Policies Across the Enterprise
100130 Managing Big Data: Anatomy of a Big Data Archiving Project

 

Blogs

IBM Pulse Blog

The Big Data Hub Blog

Institute for Advanced Security Blog

Video and Podcast

The Role Big Data Plays in Solving Complex Security Challenges

How to Build Data Security into Big Data Environments

Quick Links
Monitor Data Activity in Real Time 
Identify unauthorized or suspicious activities by continuously monitoring access to databases, data warehouses, Hadoop systems and file share platforms in real time.

Audit and Validate Compliance
Simplify SOX, PCI-DSS, and Data Privacy processes with pre-configured reports and automated oversight workflows (electronic sign-offs, escalations, etc.) to satisfy mandates.

Secure and Protect Big Data Environments 
Build security into big data environments to prevent breaches, ensure data integrity and satisfy compliance.

Protect Data Privacy and Support Compliance 
Develop a holistic approach to data protection to ensure compliance and reduce costs.

Assess Vulnerabilities 
Scan the entire data infrastructure for vulnerabilities and receive an ongoing evaluation of your data security posture, using both real-time and historical data.

Safeguard both Structured and Unstructured Data 
Ensure structured and unstructured data is identified, transformed and audited.

Deliver Security to Cloud and Virtual Environments 
Providing comprehensive data protection for cloud, virtual and physical infrastructures.

Produce Better Business Outcomes with Information Goverance
Ensure Enhance information integrity, availability and quality

InfoSphere Data Security and Privacy Offerings:
InfoSphere Discovery
InfoSphere Guardium Data Encryption
InfoSphere Guardium Activity Monitor
InfoSphere Guardium Vulnerability Assessment
InfoSphere Optim Data Privacy

Social media links
Follow Guardium   View us on YouTube

Next Tech Talk on April 11: Take Control of your Guardium Appliance

Join us at 830 AM (PDT) /11:30 AM (EDT) on April 11th.
Learn how to manage multiple IBM InfoSphere Guardium appliances in heterogeneous environments and understand the recent additions of tools available for system self monitoring and system tuning. Members of our support organization will cover best practices in maintaining, upgrading and expanding your InfoSphere Guardium environment .

Slides will be available on the tech talk wiki page by the day of the talk. http://ibm.co/Wh9x0o