Ibm ofa ottawa_ how_secure_is_your_data_eric_offenberg
- 1. © 2015 IBM Corporation How Secure is Your Data? Eric Offenberg WW Sales Enablement Leader IBM Security Guardium
- 2. 2© 2015 IBM Corporation A Short Video to Get Us Started
- 3. 3© 2015 IBM Corporation Are you doing enough to protect data that runs your organization? Damaging security incidents involve loss or illicit modification or destruction of sensitive data Yet many security programs forget to protect the data 70% Customer data, product designs, sales information, proprietary algorithms, communications, etc. Source: TechRadar of your organization’s value likely lies in intellectual property
- 4. 4© 2015 IBM Corporation Data is the key target for security breaches….. … and Database Servers Are The Primary Source of Breached Data http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf2012 Data Breach Report from Verizon Business RISK Team Database servers contain your constituents’s most valuable information – Financial records – Customer information – Credit card and other account records – Personally identifiable information – Patient records High volumes of structured data Easy to access “Go where the money is… and go there often.” - Willie Sutton WHY?
- 5. 5© 2015 IBM Corporation 40% Yearly growth of the Digital Universe over the next decade 80% Unstructured data in the enterprise 46% Increase in number of data breaches from 2013 to 2014 256 Number of days it can take to identify malicious attacks 23% Organizations STILL struggle with security Unstructured Data Security Increase in Total Cost of a data breach since 2013
- 6. 6© 2015 IBM Corporation $3.5M Yearly average cost of compliance Company Data Security approach Audit events/year Average cost/ audit Data loss events/year Average cost/ data loss Total cost (adjusted per TB) w/o data security 6.3 $24K 2.3 $130K $449K/TB w/ data security 1.7 1.4 $223K/TB Annual Cost of not implementing data security $226K/TB Total annual cost of doing nothing in BIG DATA compliance: (for average Big Data organization with 180 TB of business data) $40+ M Source: Aberdeen Group. Why Information Governance Must be Addressed Right Now. 2012 Doing nothing about data compliance is not optional Current models don’t scale Source: The True Cost of Compliance, The Cost of a Data Breach, Ponemon Institute,
- 7. 7© 2015 IBM Corporation Data is challenging to secure DYNAMIC Data multiplies continuously and moves quickly DISTRIBUTED Data is everywhere, across applications and infrastructure IN DEMAND Users need to constantly access and share data to do their jobs
- 8. 8© 2015 IBM Corporation Most Organizations Have Weak Controls 94% of breaches involved database servers 85% of victims were unaware of the compromise for weeks to months. 97% of data breaches were avoidable through simple or intermediate controls. 98% of data breaches stemmed from external agents 92% of victims were notified by 3rd parties of the breach. 96% of victims were not PCI DSS-compliant at the time of the breach. Source: 2012 Verizon Data Breach Investigations Report http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf Key findings:855 incidents reported 174 million compromised records
- 9. 9© 2015 IBM Corporation Top Data Protection Challenges Where is my sensitive data - and who’s accessing it (including privileged users)? How can I enforce access control & change control policies for databases? How do I check for vulnerabilities and lock-down database configurations? How do I reduce costs by automating & centralizing compliance controls? What sensitive data does my organization possess?
- 10. © 2015 IBM Corporation Finding a Solution
- 11. 11© 2015 IBM Corporation File and Data Activity Monitoring: 3 Key Business Drivers 1. Internal threats • Identify unauthorized changes (governance) • Prevent data leakage 2. External threats • Prevent theft 3. Compliance • Simplify processes • Reduce costs
- 12. 12© 2015 IBM Corporation Guardium uses intelligence and automation to safeguard data PROTECT Complete protection for sensitive data, including compliance automation ADAPT Seamlessly handle changes within your IT environment ANALYZE Automatically discover critical data and uncover risk
- 13. 13© 2015 IBM Corporation Guardium for Databases/ Database Activity Monitor (DAM) • Assure compliance with regulatory mandates • Protect against threats from legitimate users and potential hackers • Minimize operational costs through automated and centralized controls • Continuous, real-time database access and activity monitoring • Policy-based controls to detect unauthorized or suspicious activity • Prevention of data loss Data Access Protection and Compliance Made Simple Requirements Benefits Guardium
- 14. 14© 2015 IBM Corporation14 EmployeeTable SELECT Fine-Grained Policies with Real-Time Alerts Application Server 10.10.9.244 Database Server 10.10.9.56 Included with DAM Heterogeneous support including System z and IBM i data servers
- 15. 15© 2015 IBM Corporation Guardium helps support the most complex of IT environments … Examples of supported databases, Big Data environments, file shares, etc Applications Databases DB2 Informix IMS Data Warehouses Netezza PureData for Analytics DB2 BLU CICS WebSphere Siebel PeopleSoft E-Business Database Tools Enterprise Content Managers Big Data Environments Files VSAM z/OS Datasets FTP DB Cloud Environments Windows, Linux, Unix
- 16. 16© 2015 IBM Corporation • Scripting maintenance • Expertise to parse logs • Centralize collection • Stove-piped approach Typical home grown compliance is costly and ineffective Create reports Manual review • Approval • Reject • Escalate Manual remediation dispatch and tracking Native Data Logging Data Compliance Burden Spreadsheet Evaluation
- 17. 17© 2015 IBM Corporation Protect critical files and documents Protect Files Protect Databases & Big Data Guardium Protect Web Applications Classify files and understand sensitive data exposure Visualize ownership and access for your files Control access to critical data through blocking and alerting Monitor all file access, and review in a built-in compliance workflow Detect anomalous activity and investigate outliers IBM Security Guardium Activity Monitor for FilesNEW!
- 18. 18© 2015 IBM Corporation … and eases integration across the broader environment as well SNMP Dashboards Tivoli Netcool, HP Openview, etc. Change Ticketing Systems Tivoli Request Manager, Tivoli Maximo, Remedy, Peregrine, etc. Endpoint Management BigFix Security Intelligence and Management QRadar SIEM, SiteProtector, QRadar Log Manager, zSecure Audit, ArcSight, RSA Envision, McAfee ePO, etc. Business application integrations PeopleSoft, Siebel, SAP Load Balancers F5, CISCO Endpoint Management BigFix Long Term Storage IBM TSM, IBM PureData-Nettezza, Optim Archive, EMC Centers, FTP, SCP, etc. Vulnerability Standards CVE, STIG, CIS Benchmark, SCAP Streamline Processes Reduce Costs Increase Security Long Term Storage IBM TSM, IBM PureData-Nettezza, Optim Archive, EMC Centers, FTP, SCP Application Security AppScan, Policy Manager Data Protection on z zSecure zSystems SIEM, zSecure zAdmin and RACF Web Application Firewalls F5 ASM and ISMIBM Security Guardium Directory Services Security Directory Service, Active Directory, LDAP Identity Management Privileged Identity Manager, Identity and Access Management Authentication RSA SecureID, Radius, Kerberos, LDAP Reduce Costs, Streamline Processes & Increase Security Classification & Leak Protection InfoSphere Discovery, Information Governance Catalog, Optim Data Masking - Credit Card, Social Security number, phone, custom, etc.
- 19. 19© 2015 IBM Corporation ANALYZE A leading organization uses Guardium to analyze and protect data in a dynamic environment using real-time monitoring of more than 5K heterogeneous data sources, including Big Data sources, without affecting the performance of critical apps. Client success stories PROTECT Another organization uses Guardium to analyze and protect data by monitoring and auditing 500 production databases. They have increased security, while reducing staff security requirements from 10 FTEs to 1 FTE. ADAPT A healthcare company deployed IBM Security Guardium across 130 databases in just 3 weeks. They can now get compliance reports for PCI, SOX, and HIPAA in just a few moments.
- 20. 20© 2015 IBM Corporation Guardium supports the whole data protection journey Perform vulnerability assessment, discovery and classification Dynamic blocking, alerting, quarantine, encryption and integration with security intelligence Comprehensive data protection Big data platforms, file systems or other platforms also require monitoring, blocking, reporting Find and address PII, determine who is reading data, leverage masking Database monitoring focused on changed data, automated reporting Acute compliance need Expand platform coverage Address data privacy Sensitive data discovery
- 21. 21© 2015 IBM Corporation 133 countries where IBM delivers managed security services 20 industry analyst reports rank IBM Security as a LEADER TOP 3 enterprise security software vendor in total revenue 10K clients protected including… 24 of the top 33 banks in Japan, North America, and Australia Learn more about IBM Security Visit our website ibm.com/guardium Watch our videos https://ibm.biz/youtubeguardium Read new blog posts SecurityIntelligence.com Follow us on Twitter @ibmsecurity
- 22. © Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. THANK YOUwww.ibm.com/security