Database security

Every organization has privileged users—those employees, partners, even customers granted special access to data and applications. But these users may not be who you think they are. Their actions often come with high risk—and enormous consequences—to the security, integrity and availability of your services.

  • A recent report from IBM® X-Force® noted that insiders were responsible for 60% of all attacks in last year, up from 55% in prior year.
  • 79% of insider attacks occurred when a privileged user altered and reset controls to avoid detection
  • 81% of insider attacks used another  person’s credentials to bypass controls or gain elevated rights.
  • Where possible, automated preventive or corrective controls should be established to block changes to the components critical to the security of your systems, applications and data. The reality is: Poor security is often implemented by the privileged user. So it is important to control what these users can do, even if they have the highest levels of privilege

 Data security is not a luxury it is a Must.

 Data security is not a luxury it is a Must.

To  protect against users, the next step is to add protection against threats such as segregation-of-duties violations that create conflict of interest, breaches and theft that take advantage of poorly managed user accounts, lack of recertification that fails to ensure users have only the access they need, and lack of strong authentication that fails to ensure only the people who have been granted access are the ones actually using it.

Three key layers of capabilities form the foundation for this comprehensive security approach:

Privileged identity and access management

  • Administering and governing users’ access permissions and roles
  • Providing strong multi-factor authentication for privileged users

Security intelligence

  • Monitoring and auditing privileged user activity
  • Identifying anomalous behavior
  • Reporting on compliance policy adherence

Data security

  • Discovering, classifying, protecting and monitoring sensitive data
  • Encrypting user credentials
  • Encrypting data at rest and data in motion
Privileged User

ITS Solutions: All working Together

The Guardium and PAM integration can show the detailed activity and correlate it with the real user who checked out the credential

With Guardium Data Activity Monitor (DAM), companies are producing insightful reports to show details of data activities such as who executed an activity, when it was executed, where the activity occurred, and how it happened.

If you have privileged account credentials that are managed by IBM Security Privileged ACCESS Manager, you can perform database activities by using a shared account that the user checks out.

For creating a clear audit trail and to hold people accountable, it is important to identify the actual user who leased the PAM shared credential.

 

Register Now for your Demo

IBM Platinum Business Partner