IBM/Guardium Hosts Database Security Seminar Series Featuring Top Analyst Firm

Experts Share Best Practices for Safeguarding SAP and Other Critical Enterprise Applications

WALTHAM, Mass.--(BUSINESS WIRE)-- IBM InfoSphere Guardium, the database security leader, is hosting a three city database security seminar series, “Best Practices for Database Security, Information Governance & Compliance," featuring Gartner’s Jeffrey Wheatman and IBM InfoSphere Guardium CTO Ron Ben Natan, Ph.D.

The events will take place in Houston, TX, Atlanta, GA and Chicago, IL – with the first seminar scheduled for Wednesday, October 20th from 9 a.m. to 12 p.m. at the Marriott West Loop in Houston.

Featured speaker Jeffrey Wheatman, research director within Gartner’s Information Security, Risk Management and Privacy research group, will give a keynote presentation explaining the ins and outs of database activity monitoring (DAM) and how DAM technology addresses critical security and compliance challenges. Mr. Wheatman will also describe the top 10 database activities enterprises should monitor to detect malicious or unapproved activity, and how to evaluate DAM and fraud detection technologies.

According to Wheatman, “Most enterprises are paying too little attention to the very real security risks associated with their databases” (“Ten Database Activities Enterprise Need to Monitor,” by Jeffrey Wheatman, April 2010).

Database Activity Monitoring (DAM) provides enterprises with specialized event collection and analysis capabilities for compliance reporting and security management, which are increasingly important because of auditors’ strong focus on the identification and protection of personally identifiable information, personal health information and other regulated data types.

In Mr. Wheatman’s keynote presentation, he’ll reveal best practices for securing sensitive data and how DAM technology addresses many organizations’ security and compliance headaches, including how to:

• Monitor privileged users such as DBAs, developers and outsourced personnel.
• Identify end-user fraud for multi-tier enterprise applications that use generic service accounts.
• Address audit findings for database segregation of duties (SOD) and change management.
• Mitigate the high levels of risk resulting from database vulnerabilities.
• Deploy advanced functions such as data leak prevention, proactive blocking, discovery of at-risk data, configuration auditing and database user rights attestation.
• Provide database audit capability without enabling resource-intensive native database logging and audit functions.

Ron Ben Natan,IBM Distinguished Engineer and InfoSphere Guardium CTO, will also discuss best practices for database security, monitoring and compliance. Ben Natan holds a Ph.D. in distributed computing and has authored 12 technical books, including HOWTO Secure and Audit Oracle 10g and 11g (CRC Press, 2009) and Implementing Database Security and Auditing (Elsevier Digital Press, 2005), the standard texts in the field.

Ben Natan will highlight the challenges of database security as compared to traditional network security and explain how DAM allows companies to enforce granular policies for sensitive data access and change control. Key discussion points include how to:

• Move beyond traditional perimeter security (firewalls, anti-virus, etc.) to address 21st-century threats at the data layer, including safeguarding sensitive data and identifying fraud for critical enterprise applications such as SAP, PeopleSoft, Siebel, Oracle EBS, IBM Cognos and SharePoint.
• Implement the eight steps to holistic database security.
• Continuously audit all database activities in real-time – without impacting performance – even in complex, high-volume data centers.
• Deploy automated tests for identifying database vulnerabilities using best practices metrics (CIS Benchmark, DISA STIG, CVE).
• Advance beyond monitoring to provide proactive, policy-based blocking, user quarantine and fire-ID enforcement.
• Reduce complexity with a single set of data security policies for heterogeneous environments.
• Streamline compliance and reduce last-minute audit scrambles by automating common oversight processes such as report distribution, sign-offs, escalations and change reconciliation.
• Integrate IBM InfoSphere Guardium with your existing heterogeneous infrastructure (LDAP, IAM, SIEM, change ticketing systems, etc.) and other IBM solutions.

Attendees will also hear real-world case studies about enterprises that have implemented the scalable platform provided by InfoSphere Guardium to secure sensitive data and reduce compliance costs, with a meaningful ROI and typical payback period of less than 6 months.

Attendees will have the chance to walk away with 1 of 10 copies of “HOWTO Secure and Audit Oracle 10g and 11g” at the conclusion of the session.

Register today to attend the “Best Practices for Database Security, Information Governance & Compliance” exclusive seminars.

About IBM InfoSphere Guardium

IBM InfoSphere Guardium provides the simplest, most robust solution for preventing database breaches and unauthorized changes to critical databases. Guardium's scalable platform simplifies information governance and compliance with unified policies for heterogeneous infrastructures. Capabilities include: real-time database activity monitoring (DAM); application-layer monitoring to identify fraud (SAP, PeopleSoft, etc.); vulnerability and configuration management; data discovery; blocking; and automated compliance reporting and oversight.

The InfoSphere Guardium enterprise platform is now installed in more than 450 data centers worldwide, including 5 of the top 5 global banks; 4 of the top 6 insurers; top government agencies; 2 of the top 3 retailers; 20 of the world's top telcos; the most recognized name in PCs; a top 3 auto maker; a top 3 aerospace company; and a leading supplier of business intelligence software.

InfoSphere Guardium 8 provides the industry's broadest platform support for data security and compliance, including SharePoint monitoring; mainframe database vulnerability assessment and activity monitoring; enhanced SAP monitoring; cross-DBMS entitlement reporting; and managing database fire-IDs and automatically quarantining users who perform unauthorized or suspicious activities.

Corporate InkGeorge Robertson, 617-969-9192
[email protected]

Source: Guardium