1.01 - Guardium Data Protection Overview

IBM Security Guardium Data Protection
Overview
Revised for Guardium 11
Waves of information,
regulations and security tools
create…
Data Compliance Privacy Operational
Uncertainty Requirements Risks Complexity
Group Name / DOC ID / November 2018 / © 2018 IBM Corporation 2

Data protection use cases
Effective
External threats Internal threats
operations
Sharp rise in external attacks Ongoing risk of careless Growing need to address a steadily
from non-traditional sources. and malicious insider behavior. increasing number of mandates.
• Cyber attack • Administrative mistakes • Automate compliance

• Organized crime • Careless inside behavior • Harden data sources
• Corporate espionage • Internal breaches • Maximize resources
• Government-sponsored attacks • Disgruntled employees actions • Optimize IT environment
• Social engineering • Mix of private/corporate data • Reduce costs
Cost of a Data Breach - 2019 Ponemon
Report
Malicious or
criminal attack 51% System glitches 25% Human error 24%
The Journey: the Data Security cloud transformation is underway, and it will happen fast.
Built on Innovation
• Data labeling (Blockchain)
• Data protection on endpoints
(mobile/IOT)
• Data Protection aaS

• Certificate Mgmt aaS
• Data Risk Analytics aaS Data identity
• Data Security Knowledge aaS and IOT
• Cognitive contextual analytics Privacy and
• Privacy management aaS Leveraging data
Securely moving protection from
• BYOL Cloud deployments Data workloads the Cloud (aaS)
• Support DBaaS to hybrid Multi-
• Data Risk Analytics
Protecting Cloud
• Data Lake consolidation
Data
• Big Data, Files support
Expansion
• Analytics
• Encryption/Masking
Compliance
• Deploy automation on Databases
• GDPR Support
• Real-time monitoring
WAVE 1 WAVE 2 WAVE 3
• Compliance Accelerators
• Centralized scale
On-Prem Data Hybrid-cloud Data Data Explosion Everywhere
…customers will be looking to leverage Cloud and Cognitive technology to make data security a business decision on risk and privacy
management
IBM Security Guardium Family
Enabling market to
adopt Data Security
• Quick Start Guides
• Cloud based deployment (BYOL Catalog AWS and Azure)
• Support for Cloud DBaaS (native audit log support + External TAP)
• RESTAPI completeness and flexibility
• Guardium AppExchange
Guardium Data Protection • Dashboarding and Analytics
• GDPR Accelerator (discovery/classification, rules/policies, reports)
• Globalization to 8 new languages
• Documentation
• Deployability enhancements: STAP autoconfiguration, automatic Load balancing
• Managed Services for Guardium DP
• Pricing simplification
•
Guardium Data Protection for Files •
Support for NAS and Sharepoint
GDPR Accelerator
• VA evaluation images and partnering licenses

• Increase DPS frequency for most high severity urgent VA tests
Guardium VA • Dashboarding and reporting
• Affordable long term data audit retention and analytics

Guardium Big Data Intelligence • Faster Reporting
Guardium Data Encryption • Protects data from misuse on-premise, cloud, hybrid, or multi-cloud
• Encryption for: Files and Databases, Applications, Teradata environments
Data Risk Manager • Business visibility and automatic handling of data risk
• Support for mid-market customers for GDPR and other Regulations

• Removal of the 30 day trial limitation. Free premium model.
Guardium Analyzer • Globalization
• Expanded scope
• Customization
IBM Data Security Portfolio & Strategy
Enable the business to make actionable decisions on the management of data risk across all their environments, with minimal
operational overhead
Information Security Risk Management

Databases
Security Risk Vulnerability Behavioral Privacy
Operations
On-Premise, in Cloud
Management Assessment Analytics Management
and Big Data
Response
Data-Centric Audit Protection

PROACTIVE
Data Lakes
REACTIVE
Ecosystem
Compliance Data Data Activity
Reporting Discovery Classification Monitoring Files
(systems)
Identity and Information Security Enforcement IoT, Mobile

Access Files
Mgmt.
Encryption Tokenization Masking Access Control DLP
SaaS
IBM Data Security Portfolio & Strategy
Enable the business to make actionable decisions on the management of data risk across all their environments, with minimal
operational overhead
Information Security Risk Management

Databases
Guardium
Security
QRadar, Data Risk Big Data
Privacy
Risk Vulnerability
Analyzer/ Behavioral
Operations Manager Intelligence
On-Premise, in Cloud
Resilient Management Assessment
VA* Analytics Management
and Big Data
Response
Data-Centric Audit Protection

PROACTIVE
Data Lakes
REACTIVE
Ecosystem
Guardium Data
Compliance
Guardium Data Guardium Data Protection (DAM,
Activity
AppExchange Classificatio
Reporting
Accelerators Discovery FAM) Monitoring Files
n
(systems)
Identity and Information Security Enforcement IoT, Mobile

Access
Files
Mgmt.
Cloud Identity, Guardium Data and Multi-
CyberArk, IGI EncryptionCloudTokenization
Encryption Masking Access Control
Data Ecosystem DLP
SaaS
Safeguard sensitive data–wherever it resides
Analytics Cloud
environments
Discovery, classification,
vulnerability assessment, Applications
entitlement reporting
Encryption, masking,
and redaction Big Data
platforms
IBM
Data and file activity monitoring Security
Guardium
Databases and
data warehouses
Dynamic blocking and masking,
alerts, and quarantine
Compliance automation
and auditing
Mainframes File systems
IBM Security Guardium Data Protection
Monitor – Enforce – Comply
Guardium Data Protection safeguards sensitive data using automated discovery, classification, monitoring, real-time
controls and cognitive analytics, and streamlines compliance with prebuilt reports and workflows
DATABASES FILES MULTI-CLOUD MAINFRAME BIG DATA DATABASE SERVICES
KEY BENEFITS
• Monitors and audits all data activity, with

visibility into all transactions
• Enforces protection by surfacing and

investigating abnormal activities and threats
with cognitive analytics
• Accelerates compliance workflows and audit

activities
12
IBM Security Data Risk Manager
Identify – Visualize – Communicate
Data Risk Manager provides executives and their teams with a business-consumable data risk control
center that helps to uncover, analyze, and visualize data-related business risks so they can effectively
collaborate and take action to protect their business.
KEY BENEFITS
• Identify high-value, business-sensitive

information assets that are at risk from
internal and external threats
• Visualize potential risks with business

data, highlighting where the business is
at risk
• Communicate data risk information
with executive dashboards
13
IBM Security Guardium Analyzer (SaaS)
Find regulated data – Uncover risk – Take action
Guardium Analyzer (SaaS) identifies databases that contain personal and sensitive personal information
and helps teams minimize risk using next-generation classification techniques and vulnerability scanning
to prioritize on-premises and cloud databases containing at-risk data via a software-as-a-service model
KEY BENEFITS
• Efficiently find and classify regulated

data
• Uncover risk using specialized risk-

scoring techniques, applied to results
of the vulnerability scans and data
classification
• Take action using risk details and

remediation recommendations
14
IBM Security Guardium Vulnerability Assessment
Detect – Report – Remediate
Guardium Vulnerability Assessment scans data environments (databases, data warehouses,

big data platforms) to detect vulnerabilities and suggest remedial actions. It can identify exposures
such as missing patches, weak passwords, unauthorized access and changes, misconfigured
privileges, account sharing, , see full reports, and understand progress over time.
KEY BENEFITS
• Detect vulnerabilities by scanning the

entire data source infrastructure
• View and share detailed reports
• Remediate issues with simple,

actionable steps to harden data sources
15
IBM Security Guardium Big Data Intelligence
Agility – Retention – Insights
Guardium Big Data Intelligence augments your existing data security solution, enriching it with the
ability to quickly create an optimized security data lake that retains large quantities of historical data
over long time horizons to deliver new, enriched analytics insights while reducing costs and delivering
near-real time reporting.
KEY BENEFITS
• Improves the agility of your data

security solution
• Enables longer data retention periods

by storing more data over longer time
horizons,
• Provides easily consumable insights to

improve data security posture
16
IBM Security Guardium Encryption Portfolio
Protect – Control – Manage
Guardium Data Encryption and Security Key Lifecycle Manager safeguard data from misuse whether
it resides on premises, in a single cloud, multiple clouds or hybrid environments with file and volume
encryption, tokenization, and security key lifecycle management to maintain control of sensitive data and
help address compliance requirements
KEY BENEFITS
• Guardium Data Encryption provides

advanced encryption capabilities
• Security Key Lifecycle Manager

centralizes, simplifies, and automates the
encryption key management process
17
Hybrid and multicloud are the new normal
USD 438 billion in 2020 USD 609 billion in 2020
2018–2020 CAGR 15% 2018–2020 CAGR 18%
A real-world look at multicloud
Private
clouds
Public clouds
and SaaS
Dedicated
clouds
94% Share of enterprises using
a mix of cloud models
Traditional
67% Share of enterprises using more
than one public cloud provider
IT
USD 640 billion in 2020
2018–2020 CAGR -9%
Movement Connectivity Consistency

between clouds 73% priority
concern between clouds 82% priority
concern of management 67% priority
concern
Sources: IDC Cloud Forecast; BCG & McKinsey

IBM Cloud / July 2019 / © 2019 IBM Corporation
External S-TAP – Hybrid Cloud Data Protection
IBM Security Learning Academy - www.securitylearningacademy.com
• Join the IBM Security Community - community.ibm.com/security
The Security Learning Academy is a

full service learning platform,
Link here: community.ibm.com/security
providing a variety of training objects
and instruction options.
• Single portal, easy to communicate and promote

• Interactive and individualized learning
• Role and task based roadmaps can be followed
as-is or users can select from the catalog
SLA Features: • Earn digital badges to demonstrate achievement
and skill level
̶ Online courses
̶ Video lessons and demonstrations
̶ Documents and workbooks
̶ Webinar and Seminar Series
̶ Instructor led content
̶ Hands on labs
THANK YOU
FOLLOW US ON:
ibm.com/security
securityintelligence.com
xforce.ibmcloud.com
@ibmsecurity
youtube/user/ibmsecuritysolutions
© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any
statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International
Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper
access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be
considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful,
comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems,
products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.

1.01 - Guardium Data Protection Overview

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

1.01 - Guardium Data Protection Overview

Încărcat de

Drepturi de autor:

Formate disponibile

IBM Security Guardium Data Protection

Group Name / DOC ID / November 2018 / © 2018 IBM Corporation 2

• Cyber attack • Administrative mistakes • Automate compliance

• Data Protection aaS

• VA evaluation images and partnering licenses

• Affordable long term data audit retention and analytics

• Support for mid-market customers for GDPR and other Regulations

Information Security Risk Management

Data-Centric Audit Protection

Identity and Information Security Enforcement IoT, Mobile

Information Security Risk Management

Data-Centric Audit Protection

Identity and Information Security Enforcement IoT, Mobile

DATABASES FILES MULTI-CLOUD MAINFRAME BIG DATA DATABASE SERVICES

• Monitors and audits all data activity, with

• Enforces protection by surfacing and

• Accelerates compliance workflows and audit

• Identify high-value, business-sensitive

• Visualize potential risks with business

• Efficiently find and classify regulated

• Uncover risk using specialized risk-

• Take action using risk details and

Guardium Vulnerability Assessment scans data environments (databases, data warehouses,

• Detect vulnerabilities by scanning the

• View and share detailed reports

• Remediate issues with simple,

• Improves the agility of your data

• Enables longer data retention periods

• Provides easily consumable insights to

• Guardium Data Encryption provides

• Security Key Lifecycle Manager

Movement Connectivity Consistency

Sources: IDC Cloud Forecast; BCG & McKinsey

• Join the IBM Security Community - community.ibm.com/security

The Security Learning Academy is a

• Single portal, easy to communicate and promote

S-ar putea să vă placă și