Guardium Prevents Database Leaks of Sensitive Information
Automatically finds and tags sensitive data, assigns access policies, and prevents unauthorized access
Database security company Guardium today announced a comprehensive solution for preventing database leak. Due within 30 days, Guardium DBLP automatically finds and tags sensitive information in databases, and prevents unauthorized access using real-time policies and continuous comparisons to “normal” behavior.
Guardium DBLP monitors traffic flowing to and from database servers, thus enabling it to spot a database query that returns more credit card numbers than are outside the normal counts of such a query.
Guardium DBLP is built upon Version 6.0 of the Guardium platform, a solution that monitors, secures, and audits databases. Guardium DBLP combines three technologies to protect sensitive information:
A database content classification and policy engine uses a database crawler to find patterns (such as 9-digit Social Security numbers) and issues alerts when it locates such information for the first time. It tags sensitive objects with metadata classifications such as “Privacy-Restricted” or “Regulated Record.” Enterprises can use Guardium’s data mining tools to “analyze a verifiable audit trail of historical transaction information -- stored in Guardium’s data warehouse and typically involving tens of millions of sessions -- for particular events involving specific classes of data,” the company said in a statement.
An extrusion policy engine monitors outbound responses from databases and detects suspicious activities based on data patterns and data volumes. This traps activities by authorized users that fall outside normal business processes, which could indicate data theft. Guardium’s access and security exception policies monitor inbound database commands for unauthorized activity such as failed logins or database changes.
Database intrusion/extrusion prevention technology provides real-time enforcement and peremptory blocking of transactions that violate security policies. Users can configure the appliance as an inline database firewall or as a passive monitoring device that is triggered by other actions, such as TCP reset blocking or VPN port shutdowns, among others.
Guardium also helps organizations pass audits more quickly by providing a suite of over 100 reports and policies that address such standards as the Payment Card Industry Data Security Standard (PCI DSS). Its compliance workflow automation feature automatically generates regularly-scheduled audit reports and distributes them with a requirement for electronic approval.
Guardium DBLP supports Oracle, Microsoft SQL Server, IBM DB2, Informix, Sybase IQ, and ASE. Pricing was not announced. More information is available at http://www.guardium.com
James E. Powell is the former editorial director of Enterprise Strategies (esj.com).