This commissioned case study by Forrester Consulting describes how a global manufacturer implemented Guardium’s real-time monitoring technology to protect corporate data and enforce change controls for critical databases supporting SAP, Siebel and 22 other key financial systems. The customer is a Fortune 500 manufacturer whose brands are household names around the world. According to Forrester, the Guardium solution delivered a risk-adjusted ROI of 239 percent and payback period of less than 6 months compared to the “significant labor and capital costs” that would have otherwise been required using an in-house solution and traditional database logging utilities.
According to Forrester, Guardium is “a Leader across the board” with “dominance and momentum on its side.” Forrester expects Guardium to “maintain its leadership in supporting large heterogeneous environments, delivering high performance and scalability, simplifying administration, and performing real-time database protection.”
Database activity monitoring technology provides monitoring and analytics without the overhead involved with native database audit functionality. Organizations that have compliance or security drivers for database monitoring that cannot be addressed by native audit functions should evaluate DAM.
The latest survey commissioned by the Oracle Applications Users Group (OAUG), the leading Oracle user group, in cooperation with Guardium, finds that IT organizations are devoting major amounts of staff resources to database monitoring and compliance reporting. Discover what other businesses are saying about compliance challenges and costs, automating database monitoring and auditing, and the benefits and opportunities that lie ahead.
by Eric Ogren, Security Analyst, Enterprise Strategy Group
This special report, commissioned by Guardium, examines a comprehensive approach to securing confidential data and auditing database activity for compliance with government regulations and corporate security policies. The purpose is to provide information and make recommendations for database security to assure true compliance and business continuity. Information in this report derives from Enterprise Strategy Group research and interviews with security executives of global operations.
by Spire Research
This white paper talks about how to protect your valuable and sensitive databases. Safeguarding information assets is vital, yet it can be difficult to apply controls that are restrictive or inhibit performance. Learn more about the traditional issues surrounding database security, an approach to implement a database security monitoring program, and insights into how Guardium addresses the challenges of security and compliance with its powerful solutions.
Waltham, Mass.-based Guardium received a strategic investment from Cisco as part of a strategic funding round totaling $6.3 million. Cisco’s investment in the four-year-old company is the first investment in this market by a major technology company and provides strong validation of Guardium’s market leadership and the new database access control product category that provides companies with the ability to track and control access to sensitive data in their critical business systems and ensure regulatory compliance. Cisco, for a relatively small investment, gains access to new technology that may help drive Cisco revenue in the future as the company expands and refines product offerings.
How the Guardium Platform Helped Dell IT Simplify Enterprise Security
Safeguarding data is critical for many organizations, but auditing data access activity to comply with regulatory standards can be a complex undertaking.
As part of its initiative to simplify IT, the Dell IT group implemented the Guardium platform and database activity monitoring (DAM) technology to help protect its more than 300 database servers globally distributed across 10 data centers and streamline compliance processes.
CIO David Vordick selected Guardium for a real-time database monitoring solution to help USEC Inc. pass its audits. After two audits with the solution in place, their investment has paid off. Guardium simplifies data governance by centralizing Sarbanes-Oxley controls across database platforms and providing preconfigured reports. “When it comes to Sarbanes-Oxley,” says Vordick, “it’s good to have one less thing to worry about.”
SC Magazine gives Guardium 5-Star ratings for Features, Performance and Ease-of-Use, citing its “easy installation, massive database support, sophisticated reporting, strong policy-based security [and] PCI out-of-the-box.” The review describes the product as a “sophisticated database security solution that is simple to install and deploy” with “an extensive range of security features that allow companies to monitor and audit database usage and enforce policies to prevent unauthorized access.”
Guardium was rated “at the top of the DBEP [database extrusion prevention] class” with a “solid feature set that should please security pros looking to take back control of database security” in a lab review conducted by InformationWeek magazine. According to the review, Guardium “has thrown in practically every feature you’ll need to lock down sensitive data” with a “well-designed and attractive Web interface that shows off the maturity of the 6.0 release.” The review concludes that Guardium 6.0 provides “capabilities that stand out from other products we’ve tested.” These products include Imperva’s SecureSphere Database Security Gateway and RippleTech’s Informant.
The Verdict: Guardium’s solution “has evolved from an impressive technology to an enterprise-class security product that should be on every organization’s radar.” Guardium “continues to address one of the most typical database audit failure points. Most auditors will not issue a ‘pass’ if you leverage a database’s native logging features because they are owned and controlled by the groups you are trying to monitor (for example, DBAs should not be responsible for configuring and monitoring DBAs). Guardium 6.0 ensures a system of checks and balances between the security and database engineering teams.”
October 22, 2008
2:00 PM EDT
How Dell IT Simplified Database Security for SOX, PCI, SAS 70
Register today to learn how to simplify database security and compliance without impacting performance or creating more work for your DBAs and security teams.
Passing SOX, PCI and SAS 70 audits quickly, while reducing staff workload, has become a top priority for most organizations. During this 45-minute, educational Webcast co-sponsored by Guardium and BMC, you’ll learn how Dell’s IT group replaced its homegrown scripts and native database auditing with Guardium’s automated, cross-DBMS platform, resulting in streamlined compliance and a significant reduction in auditing overhead, and how Dell rapidly deployed Guardium to 300+ DBMS servers in 10 datacenters worldwide, with plans to expand to 700+ additional servers in the next phase.
If you work in any field of IT or Security, almost independent of any industry, you are aware of the impact that regulations have had on our workload, our expenditures and perhaps even our motivations. Most of these regulations boil down to the same core set of action items—we must become more secure. But we also need to prove that we are more secure.
In this episode of Cisco TechWiseTV, we will engage our panel of experts to get beyond the hype of the latest compliance pain point and help you arrive at some core principles.
Listen to Guardium CTO, Ron Bennatan, Ph.D., as he discusses key drivers for database security and compliance, and gives a live demonstration of the Guardium solution.
Achieve Compliance with OMB Data Security Directive for Securing PII Data
Co-sponsored by BMC
Register to view this on-demand webcast to learn about best practices for securing Personally Identifiable Information (PII) data in sensitive databases and easily complying with OMB M-06-16.
According to the OMB directive, government departments and agencies must log all extracts from sensitive databases and verify that private information has been erased within 90 days.
Find out how key government agencies have improved their security and access control environment by deploying a non-intrusive, appliance-based solution for monitoring and tracking all access to sensitive data and database changes—across all their DBMS platforms and applications—without impacting database performance or requiring changes to applications.
This on-demand educational videocast explains how to protect critical enterprise data and pass compliance audits without impacting business performance. The presentation features: a Gartner vice president and data security expert who explains why database activity monitoring (DAM) is important and how to select a DAM solution; the CIO of USEC, a $1.85 billion NYSE-traded energy company, who describes the business problems that led him to evaluate DAM solutions, and why he chose Guardium; customer case studies highlighting Guardium’s architecture, scalability and ease-of-implementation.
This book is the definitive guide for information security professionals, DBAs and auditors. Authored by database security expert, IBM Gold Consultant, and Guardium CTO Ron Bennatan, this 413-page book contains hundreds of practical tips and examples for protecting sensitive information and passing audits smoothly. Click below to download a free chapter on “Auditing Categories.”
Complying with the PCI standard regarding the security of customer databases is challenging. Database encryption is complex, costly and can take years to retrofit into legacy applications. Collecting native database logs, even when combined with log-management or SIEM tools, doesn’t provide granular access controls or sufficient visibility into read operations or the activities of privileged users, while more detailed database auditing utilities are impractical because of the heavy performance load they impose on database systems. Read how real-time, network appliance-based database activity monitoring solutions can protect sensitive data and satisfy PCI requirements without impacting business processes or performance.
Technical White Paper by Ron Ben-Natan, Ph.D. & Guardium CTO
This white paper describes why traditional security technologies are insufficient to protect databases against both internal and external threats. It describes the seven essential elements of database security, and provides an overview of how regulations such as SOX, PCI, and data privacy laws are driving the need for new approaches to database security and auditing. Finally, it includes a technical overview of the Guardium architecture, with diagrams and screen shot examples.
by Ron Ben-Natan, CTO, Guardium Inc.
This white paper outlines how continuous SQL monitoring can be used for database security applications that provide database protection at a level which has been successfully used for network and application security. The paper further discusses what information is required for safeguarding data access and what methods are available for collecting this information (including the various advantages/disadvantages). Finally, the paper discusses how the collected information can be used for security, auditing, and monitoring applications.