23
Mon, Dec
1 New Articles

IBM Launches New Data Security Software

New Products, Agreements and Trends
Typography
  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

Company delivers industry's broadest platform support for data security and compliance, including support for the mainframe.

IBM has announced new software that helps businesses protect customer data and other sensitive information from security breaches. The new software automatically monitors structured data and application usage across the enterprise and immediately alerts management to unusual activity.

Today, organizations are struggling to manage a variety of complex data security threats, from misuse by insiders or cyber criminals outside the company. Combined with an increase in corporate security compliance policies, clients of all sizes are under pressure to build data security into the fabric of their IT systems.

According to industry estimates, on average, a data breach can cost a company between $100 and $200 per compromised record. Recognizing these challenges, IBM is delivering new software that enables organizations to embed data security and privacy capabilities into all their enterprise databases and applications such as CRM, human resources, ERP, accounting, finance and other applications.

IBM is introducing InfoSphere Guardium 8 which allows organizations to simplify security and compliance regulations with a single set of automated and centralized controls for a broader range of enterprise databases and applications. In addition to its automated monitoring capabilities, the new software also helps clients more easily meet compliance mandates by delivering stronger information governance controls to ensure the privacy and integrity of corporate data while simplifying audits. These new capabilities will also help lower compliance costs across all of an organization's high-value data sources.

New features in InfoSphere Guardium include:

Fraud Protection for SAP Systems: From client data to ERP and personnel information, SAP systems often contain sensitive information that must be monitored for compliance and audit purposes. Now, businesses can detect fraud in real-time through the monitoring of all user activities at the application layer, including activities by administrators and outsourced personnel. The new release of InfoSphere Guardium provides more detailed information about SAP users, making it easier for businesses to detect fraudulent activities without making any changes to their databases or applications.

Protection of SharePoint files: SharePoint repositories often contain sensitive information such as corporate financial results and valuable intellectual property such as product design data, but they do not have the necessary controls to prevent misuse by insiders. Now, for the first time, businesses have continuous real-time monitoring controls making it easier to detect unauthorized access to SharePoint repositories.

Support for the Mainframe: An often overlooked, yet critical aspect of database security is real-time monitoring and auditing controls for database and system administrators. IBM now offers enhanced database activity monitoring capabilities for IBM DB2 databases running on System z, allowing businesses to protect critical information from unauthorized access by administrators. For example, if a database administrator at an insurance company tries to access a client's social security number, salary and medical history, the system will immediately generate an alert for security and compliance personnel. The new version of InfoSphere Guardium 8 leverages IBM-developed mainframe technology to capture all database transactions with minimal performance impact.

Additionally, businesses can now perform a series of automated tests to assess security vulnerabilities such as weak permissions that could leave the organization open to data loss or failed compliance audits. InfoSphere Guardium also provides monitoring and assessment capabilities for non-IBM database platforms running on the mainframe such as Oracle for Linux on System z.

Improved Compliance and Audit processes: A critical part of any audit is the ability to demonstrate that compliance and exception reports have been reviewed by oversight teams and appropriate actions taken. With the new software, businesses will have improved flexibility to define custom workflows and share specific audit information with relevant audiences in their organizations. Together with the software's pre-packaged report templates for common regulations such as SOX, HIPAA and PCI, this capability will help businesses save time and money by significantly reducing time required to gather and report on compliance data required by auditors.

Advanced Blocking and Quarantining: In the event of unauthorized or suspicious activity, businesses can selectively block individual users from accessing the system for a specified period of time, avoiding the loss of valuable data until the activity can be investigated. For example, if a customer service representative looks up hundreds of credit card numbers within an hour he or she would automatically be locked out of the system. Similarly, if a database administrator at a hospital accessed private data on a high-profile patient, that employee's access to the database would be immediately blocked, without requiring any manual, time-consuming or error-prone changes to critical databases and applications.

Integration with Tivoli software: Now, critical security and compliance monitoring information about high-value databases and applications, collected by InfoSphere Guardium software, can be combined with information about other systems and network security devices collected by Tivoli Security Information and Event Management software. This integration provides businesses with an enterprise-wide view of key information that enables them to more easily address information governance across the enterprise.

With new capabilities for System z, SharePoint and SAP along with existing capabilities for protecting heterogeneous database infrastructures including IBM DB2 and Informix, Oracle and Microsoft SQL Server and enterprise applications such as IBM Cognos and PeopleSoft, IBM is now delivering the broadest industry support available for database security, monitoring and compliance.

"From organized crime syndicates stealing credentials and hacking into databases to unauthorized access by employees, businesses are facing an overwhelming volume of sophisticated data security threats," said Mike Gibbons, principal, Deloitte, a leading system integrator. "Organizations must now implement additional layers of security such as real-time database activity monitoring because traditional perimeter security approaches such as network firewalls and anti-virus systems are no longer sufficient."

To respond to clients needs to address increasingly complex data and cyber security threats, IBM is steadily building its security portfolio through a mix of organic innovations and acquisitive growth. IBM's approach is to strategically manage information technology and operational risk end-to end across all areas of information technology security. From organic innovations from IBM Research to acquisitive growth such as the Guardium offerings, IBM offers the broadest set of security and cyber security software and services offerings.

"Data is the new currency for business and safeguarding that investment is a primary concern for businesses across every industry," said Arvind Krishna, general manager," IBM Information Management. "IBM is the only vendor that can help clients reduce the complexity of data security across the largest and most diverse data center environments while at the same time reducing the costs associated with regulatory compliance."

Since 2006, IBM has made 11 acquisitions to expand its range of offerings in the security space. With less than a year since the acquisition of Guardium, that technology and expertise has been rapidly integrated within the broader IBM security portfolio helping businesses secure their critical databases and applications.

With more than 3,500 service consultants, hardware, software that spans a business' entire infrastructure, research and a global network of business partners, no other company can provide the experience and breadth of offerings as IBM to help clients implement company-wide, integrated risk management programs.

This year, IBM launched the IBM Institute for Advanced Security, an initiative that will help clients, business partners and academics better understand and address the cyber security issues that can impact their IT and business systems. Based in Washington D.C., the Institute provides a collaborative environment for public and private sector officials worldwide to tap into IBM's vast security expertise to more efficiently and effectively secure and protect critical business information threatened by increasingly malicious and costly cyber threats.

IBM Managed Security Services combine infrastructure, experience and expertise to provide constant monitoring and management of security technologies in client environments around the globe. By providing clients with a single management console to view an entire security infrastructure and the ability to manage multiple products from various security vendors, IBM can help simplify security management and maximize existing investments.

Designed to provide clients from around the world with the highest level of around-the-clock protection and service, IBM's nine global security operations centers are constantly staffed with managed security services professionals. For clients adopting cloud computing, IBM Cloud Security Services offerings harness the power of the IBM Virtual-Security Operations Center platform to deliver high-value services that require little or no security device investment or maintenance.

IBM Guardium security platform is installed in more than 500 data centers worldwide, including 5 of the top 5 global banks; 4 of the top 6 insurers; 2 of the top 3 retailers; 20 of the world's top telcos; top government agencies; the most recognized name in PCs; a top 3 auto maker; a top 3 aerospace company; and a leading supplier of business intelligence software.

The IBM InfoSphere Guardium 8 software will be available in mid-September. It is offered as a pre-configured appliance or virtual appliance for rapid deployment and simplified maintenance.

For more information on IBM security offerings, visit: www.ibm.com/security

For more information on IBM InfoSphere Guardium visit: http://www.ibm.com/software/data/guardium/index.html

BLOG COMMENTS POWERED BY DISQUS

LATEST COMMENTS

Support MC Press Online

$

Book Reviews

Resource Center

  • SB Profound WC 5536 Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application. You can find Part 1 here. In Part 2 of our free Node.js Webinar Series, Brian May teaches you the different tooling options available for writing code, debugging, and using Git for version control. Brian will briefly discuss the different tools available, and demonstrate his preferred setup for Node development on IBM i or any platform. Attend this webinar to learn:

  • SB Profound WP 5539More than ever, there is a demand for IT to deliver innovation. Your IBM i has been an essential part of your business operations for years. However, your organization may struggle to maintain the current system and implement new projects. The thousands of customers we've worked with and surveyed state that expectations regarding the digital footprint and vision of the company are not aligned with the current IT environment.

  • SB HelpSystems ROBOT Generic IBM announced the E1080 servers using the latest Power10 processor in September 2021. The most powerful processor from IBM to date, Power10 is designed to handle the demands of doing business in today’s high-tech atmosphere, including running cloud applications, supporting big data, and managing AI workloads. But what does Power10 mean for your data center? In this recorded webinar, IBMers Dan Sundt and Dylan Boday join IBM Power Champion Tom Huntington for a discussion on why Power10 technology is the right strategic investment if you run IBM i, AIX, or Linux. In this action-packed hour, Tom will share trends from the IBM i and AIX user communities while Dan and Dylan dive into the tech specs for key hardware, including:

  • Magic MarkTRY the one package that solves all your document design and printing challenges on all your platforms. Produce bar code labels, electronic forms, ad hoc reports, and RFID tags – without programming! MarkMagic is the only document design and print solution that combines report writing, WYSIWYG label and forms design, and conditional printing in one integrated product. Make sure your data survives when catastrophe hits. Request your trial now!  Request Now.

  • SB HelpSystems ROBOT GenericForms of ransomware has been around for over 30 years, and with more and more organizations suffering attacks each year, it continues to endure. What has made ransomware such a durable threat and what is the best way to combat it? In order to prevent ransomware, organizations must first understand how it works.

  • SB HelpSystems ROBOT GenericIT security is a top priority for businesses around the world, but most IBM i pros don’t know where to begin—and most cybersecurity experts don’t know IBM i. In this session, Robin Tatam explores the business impact of lax IBM i security, the top vulnerabilities putting IBM i at risk, and the steps you can take to protect your organization. If you’re looking to avoid unexpected downtime or corrupted data, you don’t want to miss this session.

  • SB HelpSystems ROBOT GenericCan you trust all of your users all of the time? A typical end user receives 16 malicious emails each month, but only 17 percent of these phishing campaigns are reported to IT. Once an attack is underway, most organizations won’t discover the breach until six months later. A staggering amount of damage can occur in that time. Despite these risks, 93 percent of organizations are leaving their IBM i systems vulnerable to cybercrime. In this on-demand webinar, IBM i security experts Robin Tatam and Sandi Moore will reveal:

  • FORTRA Disaster protection is vital to every business. Yet, it often consists of patched together procedures that are prone to error. From automatic backups to data encryption to media management, Robot automates the routine (yet often complex) tasks of iSeries backup and recovery, saving you time and money and making the process safer and more reliable. Automate your backups with the Robot Backup and Recovery Solution. Key features include:

  • FORTRAManaging messages on your IBM i can be more than a full-time job if you have to do it manually. Messages need a response and resources must be monitored—often over multiple systems and across platforms. How can you be sure you won’t miss important system events? Automate your message center with the Robot Message Management Solution. Key features include:

  • FORTRAThe thought of printing, distributing, and storing iSeries reports manually may reduce you to tears. Paper and labor costs associated with report generation can spiral out of control. Mountains of paper threaten to swamp your files. Robot automates report bursting, distribution, bundling, and archiving, and offers secure, selective online report viewing. Manage your reports with the Robot Report Management Solution. Key features include:

  • FORTRAFor over 30 years, Robot has been a leader in systems management for IBM i. With batch job creation and scheduling at its core, the Robot Job Scheduling Solution reduces the opportunity for human error and helps you maintain service levels, automating even the biggest, most complex runbooks. Manage your job schedule with the Robot Job Scheduling Solution. Key features include:

  • LANSA Business users want new applications now. Market and regulatory pressures require faster application updates and delivery into production. Your IBM i developers may be approaching retirement, and you see no sure way to fill their positions with experienced developers. In addition, you may be caught between maintaining your existing applications and the uncertainty of moving to something new.

  • LANSAWhen it comes to creating your business applications, there are hundreds of coding platforms and programming languages to choose from. These options range from very complex traditional programming languages to Low-Code platforms where sometimes no traditional coding experience is needed. Download our whitepaper, The Power of Writing Code in a Low-Code Solution, and:

  • LANSASupply Chain is becoming increasingly complex and unpredictable. From raw materials for manufacturing to food supply chains, the journey from source to production to delivery to consumers is marred with inefficiencies, manual processes, shortages, recalls, counterfeits, and scandals. In this webinar, we discuss how:

  • The MC Resource Centers bring you the widest selection of white papers, trial software, and on-demand webcasts for you to choose from. >> Review the list of White Papers, Trial Software or On-Demand Webcast at the MC Press Resource Center. >> Add the items to yru Cart and complet he checkout process and submit

  • Profound Logic Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application.

  • SB Profound WC 5536Join us for this hour-long webcast that will explore:

  • Fortra IT managers hoping to find new IBM i talent are discovering that the pool of experienced RPG programmers and operators or administrators with intimate knowledge of the operating system and the applications that run on it is small. This begs the question: How will you manage the platform that supports such a big part of your business? This guide offers strategies and software suggestions to help you plan IT staffing and resources and smooth the transition after your AS/400 talent retires. Read on to learn: