© 2015 IBM Corporation

How Secure is Your Data?

Eric Offenberg

WW Sales Enablement Leader

IBM Security Guardium

2© 2015 IBM Corporation

A Short Video to Get Us Started

3© 2015 IBM Corporation

Are you doing enough to protect data that runs your organization?

Damaging security incidents involve loss or illicit modification or destruction of sensitive data

Yet many security programs forget to protect the data

70%Customer data, product designs, sales information, proprietary algorithms, communications, etc.

Source: TechRadar

of your organization’svalue likely lies in intellectual property

4© 2015 IBM Corporation

Data is the key target for security breaches…..… and Database Servers Are The Primary Source of Breached Data

http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf2012 Data Breach Report from Verizon Business RISK Team

Database servers contain your constituents’s most valuable information

– Financial records

– Customer information

– Credit card and other account records

– Personally identifiable information

– Patient records

High volumes of structured data

Easy to access

“Go where the money is… and go there often.” - Willie Sutton

WH

Y?

5© 2015 IBM Corporation

40%

Yearly growth

of the Digital

Universe over

the next

decade

80%

Unstructured

data in the

enterprise

46%

Increase in

number of

data breaches

from 2013 to

2014

256Number of

days it can

take to

identify

malicious

attacks

23%

Organizations STILL struggle with security

Unstructured Data Security

Increase in

Total Cost of

a data

breach since

2013

6© 2015 IBM Corporation

$3.5MYearly average cost of

compliance

Company Data

Security approach

Audit

events/year

Average cost/

audit

Data loss

events/year

Average cost/

data loss

Total cost

(adjusted per TB)

w/o data security 6.3$24K

2.3$130K

$449K/TB

w/ data security 1.7 1.4 $223K/TB

Annual Cost of not implementing data security $226K/TB

Total annual cost of doing nothing in BIG DATA compliance:(for average Big Data organization with 180 TB of business data) $40+ M

Source: Aberdeen Group. Why Information Governance Must be Addressed Right Now. 2012

Doing nothing about data compliance is not optionalCurrent models don’t scale

Source: The True Cost of Compliance, The

Cost of a Data Breach, Ponemon Institute,

7© 2015 IBM Corporation

Data is challenging to secure

DYNAMICData multiplies

continuously andmoves quickly

DISTRIBUTEDData is everywhere,across applicationsand infrastructure

IN DEMANDUsers need to constantly access and share data to do their jobs

8© 2015 IBM Corporation

Most Organizations Have Weak Controls

94% of breaches involved database servers

85% of victims were unaware of the compromise for

weeks to months.

97% of data breaches were avoidable through

simple or intermediate controls.

98% of data breaches stemmed from external agents

92% of victims were notified by 3rd parties

of the breach.

96% of victims were not PCI DSS-compliant

at the time of the breach.

Source: 2012 Verizon Data Breach Investigations Report

http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf

Key findings: 855 incidents reported

174 million compromised records

9© 2015 IBM Corporation

Top Data Protection Challenges

Where is my sensitive data - and who’s

accessing it (including privileged users)?

How can I enforce access control &

change control policies for databases?

How do I check for vulnerabilities and

lock-down database configurations?

How do I reduce costs by automating &

centralizing compliance controls?

What sensitive data does my organization

possess?

© 2015 IBM Corporation

Finding a Solution

11© 2015 IBM Corporation

File and Data Activity Monitoring: 3 Key Business Drivers

1. Internal threats

• Identify unauthorized

changes (governance)

• Prevent data leakage

2. External threats

• Prevent theft

3. Compliance

• Simplify processes

• Reduce costs

12© 2015 IBM Corporation

Guardium uses intelligence and automation to safeguard data

PROTECTComplete protection for sensitive

data, including compliance automation

ADAPTSeamlessly handle

changes within your IT environment

ANALYZEAutomatically

discover critical data and uncover risk

13© 2015 IBM Corporation

Guardium for Databases/ Database Activity Monitor (DAM)

• Assure compliance with

regulatory mandates

• Protect against threats

from legitimate users and

potential hackers

• Minimize operational

costs through automated

and centralized controls

• Continuous, real-time

database access and activity

monitoring

• Policy-based controls to

detect unauthorized or

suspicious activity

• Prevention of data loss

Data Access Protection and

Compliance Made Simple

Requirements

Benefits

Guardium

14© 2015 IBM Corporation14

EmployeeTable

SELECT

Fine-Grained Policies with Real-Time Alerts

Application

Server

10.10.9.244

Database

Server

10.10.9.56

Included with DAM

Heterogeneous

support including

System z and

IBM i data servers

15© 2015 IBM Corporation

Guardium helps support the most complex of IT environments …Examples of supported databases, Big Data environments, file shares, etc

Applications Databases

DB2Informix

IMS

Data Warehouses

NetezzaPureData for AnalyticsDB2 BLU

CICSWebSphere

SiebelPeopleSoftE-Business

Database ToolsEnterprise

Content Managers

Big Data Environments

Files

VSAMz/OS Datasets FTP

DB

Cloud Environments

Windows, Linux,

Unix

16© 2015 IBM Corporation

• Scripting maintenance

• Expertise to parse logs

• Centralize collection

• Stove-piped approach

Typical home grown compliance is costly and ineffective

Create reports

Manual review• Approval• Reject• Escalate

Manual remediation dispatch and tracking

Native Data Logging

Data Compliance Burden

Spreadsheet

Evaluation

17© 2015 IBM Corporation

Protect critical files and documents

Protect Files

Protect

Databases & Big Data

Guardium

Protect

Web Applications Classify files and understand sensitive data exposure

Visualize ownership and access for your files

Control access to critical data through blocking and alerting

Monitor all file access, and review in a built-in compliance workflow

Detect anomalous activity and investigate outliers

IBM Security Guardium Activity Monitor for FilesNEW!

18© 2015 IBM Corporation

… and eases integration across the broader environment as well

SNMP DashboardsTivoli Netcool, HP Openview, etc.

Change Ticketing SystemsTivoli Request Manager, Tivoli Maximo, Remedy, Peregrine, etc.

Endpoint ManagementBigFix

Security Intelligence and ManagementQRadar SIEM, SiteProtector, QRadar Log Manager, zSecure Audit, ArcSight, RSA Envision, McAfee ePO, etc.

Business application integrationsPeopleSoft, Siebel, SAP

Load BalancersF5, CISCO Endpoint Management

BigFix

Long Term StorageIBM TSM, IBM PureData-Nettezza, Optim Archive, EMC Centers, FTP, SCP, etc.

Vulnerability StandardsCVE, STIG, CIS Benchmark, SCAP

Streamline Processes

Reduce Costs Increase Security

Long Term StorageIBM TSM, IBM PureData-Nettezza, Optim Archive, EMC Centers, FTP, SCP Application Security

AppScan, Policy Manager

Data Protection on zzSecure zSystems SIEM, zSecure zAdmin and RACF

Web Application Firewalls F5 ASM and ISMIBM Security Guardium

Directory Services

Security Directory Service,

Active Directory, LDAP

Identity Management

Privileged Identity Manager,

Identity and Access Management

Authentication

RSA SecureID, Radius, Kerberos, LDAP

Reduce Costs, Streamline Processes

& Increase SecurityClassification & Leak Protection

InfoSphere Discovery, Information

Governance Catalog, Optim Data

Masking - Credit Card, Social

Security number, phone, custom, etc.

19© 2015 IBM Corporation

ANALYZE

A leading organization uses

Guardium to analyze and protect

data in a dynamic environment

using real-time monitoring of more

than 5K heterogeneous data

sources, including Big Data

sources, without affecting the

performance of critical apps.

Client success stories

PROTECT

Another organization uses

Guardium to analyze and protect

data by monitoring and auditing

500 production databases.

They have increased security, while

reducing staff security requirements

from 10 FTEs to 1 FTE.

ADAPT

A healthcare company deployed

IBM Security Guardium across 130

databases in just 3 weeks.

They can now get compliance

reports for PCI, SOX, and HIPAA

in just a few moments.

20© 2015 IBM Corporation

Guardium supports the whole data protection journey

Perform vulnerability assessment, discovery

and classification

Dynamic blocking, alerting, quarantine, encryption

and integration with security intelligence Comprehensivedata protection

Big data platforms, file systems or other platforms

also require monitoring, blocking, reporting

Find and address PII, determine who is reading

data, leverage masking

Database monitoring focused on changed data,

automated reporting

Acutecompliance

need

Expandplatform coverage

Addressdata privacy

Sensitivedata discovery

21© 2015 IBM Corporation

133 countries where IBM delivers

managed security services

20 industry analyst reports rank

IBM Security as a LEADER

TOP 3 enterprise security software vendor in total revenue

10K clients protected including…

24 of the top 33 banks in Japan,

North America, and Australia

Learn more about IBM Security

Visit our website

ibm.com/guardium

Watch our videos

https://ibm.biz/youtubeguardium

Read new blog posts

SecurityIntelligence.com

Follow us on Twitter

@ibmsecurity

© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any

kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor

shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use

of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or

capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product

or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries

or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside

your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks

on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access.

IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other

systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE

IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

THANK YOUwww.ibm.com/security