Skip navigation
Skip navigation
You are using an outdated browser. Please upgrade your browser.

• Supports Data Centre Consolidation with Expanded Support for IBM DB2, Informix, Cognos Software and IBM i and System z Operating Systems with z/VM and Linux

Guardium, the database security company, today announced continuing customer momentum for its database security solutions safeguarding IBM database software. The world’s leading organisations in financial services, government, retail, manufacturing, healthcare and other industries have selected Guardium and IBM software to better manage and protect their enterprise data.

With today’s news, Guardium also announced sweeping support for a broad range of IBM server platforms and database software products. The support helps organisations mitigate risks by protecting sensitive databases across the enterprise from both internal and external threats, while reducing IT costs with centralised security policies for heterogeneous infrastructures. It also supports data centre and server consolidation initiatives by providing continuous, real-time monitoring controls that reduce the risk of concentrating critical data on shared infrastructures.

In addition, the company announced that it recently became the first database security company to achieve [IBM Information On Demand Specialty[] accreditation.

In the February 2009 report “Market Overview: Database Security,” Forrester estimates that over 70 percent of all threats to databases come from inside the enterprise, and that database administrators spend less than 5 percent of their time on database security. Insider threats are difficult to detect and block because privileged users typically have unfettered access to sensitive data. In addition, according to a [recent IBM report*[], SQL injection attacks were up 134 percent in 2008 and have replaced cross-site scripting as the predominant type of Web application vulnerability, with attacks spiking to 450,000 per day during 2008.

Guardium‘s scalable enterprise platform streamlines operations with a single unified set of security policies – for IBM DB2, Informix, Microsoft SQL Server, Oracle, Sybase, MySQL and Teradata – without performance impact or changes to databases or applications. In addition, Guardium allows customers to:

• Protect against data leakage by looking for unauthorised access to sensitive tables and sensitive data in query results.
• Ensure data governance by preventing unauthorised changes to critical data values or database structures.
• Discover sensitive data in databases, for compliance with privacy requirements such as PCI-DSS and NIST 800-53.
• Enhance database security postures with automated vulnerability management and configuration auditing.

Guardium’s solution uses real-time, policy-based monitoring to immediately identify unauthorised or suspicious activities, without relying on traditional DBMS-resident logs that can easily be disabled by privileged users. In addition, Guardium S-GATE™ is the industry’s only solution for blocking administrators from viewing or changing sensitive data in heterogeneous DBMS environments.

Customer Momentum
More customers are choosing Guardium and IBM software including:
• Financial Services: 3 of the top 4 global banks, one of the top cardholder brands, one of the largest U.S. mutual fund companies and a NYSE-traded financial services company with four data centers managed by IBM Global Business Services.
• Government: Critical government agencies in the U.S. and other geographies worldwide.
• Retail & Hospitality: 2 of the top 3 global retailers and a major office supply brand.
• Manufacturing: Customers include a top 3 auto maker, top 3 aerospace manufacturer, global beverage brand and global consumer food company.
• Health Care: Major health care providers and Blue Cross-Blue Shield organisations.
• Energy: Some of the world’s largest utilities and energy companies including National Grid.

"The integrity and confidentiality of our ERP, financial and customer data are paramount to our company and enable us to serve our millions of customers safely, reliably and efficiently," said Cindy Peluso, director of information security, National Grid. "We have selected Guardium's real-time database monitoring and compliance automation solution to help us meet our compliance goals for database monitoring."

Expanded Support for IBM Database Software and Operating Systems
Guardium has added support for some of the most popular IBM database platforms including:
• IBM DB2 UDB 9 for z/OS, building upon the company’s previously announced Guardium for Mainframes product.
• IBM DB2 for IBM i, bringing advanced protection to IBM’s mid-range integrated platform.
• IBM DB2 9.5 for Linux, UNIX and Windows, in addition to previous support for DB2 8 and 9.
• Cognos 8, for which Guardium now identifies fraud and other unauthorised activities via application-layer monitoring. This is in addition to previous support for enterprise applications such as SAP, PeopleSoft and SOA applications developed for IBM WebSphere Application Server and other middleware platforms.
• IBM Informix 11.5, supplementing previous support for Informix 9, 10 and 11.
• System z Red Hat Enterprise Linux and SUSE Linux Enterprise Server for System z, providing coverage for all major DBMS platforms running in the IBM z/VM hypervisor.

“IBM is helping companies address the challenges of managing huge volumes of data with its Information Agenda approach to quickly transform data into a strategic asset, and, in turn, make smarter business decisions," said Boris Bialek, program director for IBM Data Management. “Guardium’s enterprise database security and real-time monitoring technology supports this approach by enabling organisations to simplify and unify their infrastructures with the safety and assurance that they’re not increasing their risk posture.”

Enabling Data Centre Consolidation by Enhancing Controls to Mitigate Risks
Many organisations are consolidating data centres to reduce operational costs and “go green.” These initiatives often leverage advanced virtualisation technologies, such as z/VM with Linux, to create a more flexible infrastructure.

This approach requires additional controls because it concentrates risk. Privileged users with access to the shared infrastructure – such as DBAs, developers and outsourced personnel – must be prevented from viewing confidential data in databases. This is challenging because traditional network security technologies and DBMS-resident controls cannot protect data from administrators. Monitoring privileged users is also important because attacks, such as SQL injection, frequently result in the external attacker obtaining privileged access. Implementing fine-grained access policies is also required for key regulations such as Sarbanes-Oxley (SOX), the Payment Card Industry Data Security Standard (PCI-DSS), NIST 800-53 and SAS 70.

Guardium reduces cost and complexity by replacing manual, time-consuming log-based processes with centralised and automated controls. In a commissioned case study conducted by Forrester Consulting** on behalf of Guardium, Guardium’s solution delivered a risk-adjusted ROI of 239% with a payback period of less than 6 months for a F500 global manufacturer with SAP, Siebel and 21 other key financial applications running on IBM DB2 and Oracle on IBM AIX, and Microsoft SQL Server.

Information On Demand Certification
Guardium has become the first database security company to achieve IBM Information On Demand Specialty accreditation based on its demon¬strated skills, technical solution reviews and proof of market success with IBM customers. The company previously achieved IBM Advanced Industry-Optimised status for Financial Markets by demonstrating successful implementations with IBM customers in the financial services industry, and has been a member of IBM’s prestigious [Data Governance Council[] since 2005.

“Real-time database monitoring and data-level access controls help enterprises with three of their top pain points: preventing data leaks, assuring proper data governance and reducing operational costs,” said Guardium CTO Ron Bennatan, Ph.D., IBM Gold Consultant and author of Implementing Database Security and Auditing. “Guardium gives all IBM customers – including mainframe and iSeries customers – unprecedented visibility and control over their data access activities, without the risk and complexity of traditional log-based approaches. Working together, IBM and Guardium provide customers with proven technology leadership that helps them migrate to next-generation architectures without increasing their risk posture.”

Guardium leveraged IBM’s Innovation Centers to develop and test these platform enhancements.

About Guardium
Guardium, the database security company, delivers the most widely-used solution for preventing information leaks from the data centre and ensuring the integrity of enterprise data.

The company’s enterprise security platform is now installed in more than 450 data centres worldwide, including 3 of the top 4 global banks; 3 of the top 5 insurers; 2 of the top 3 global retailers; 15 of the world’s top telcos; 2 of the world’s favourite beverage brands; the most recognised name in PCs; a top 3 auto maker; a top 3 aerospace company; and a leading supplier of business intelligence software.

The company has an alliance with Oracle, Microsoft, IBM, BMC, EMC, Accenture, McAfee and ArcSight, with Cisco as a strategic investor, and is a member of IBM's prestigious Data Governance Council and the PCI Security Standards Council.

Founded in 2002, Guardium was the first company to address the core data security gap by delivering a scalable enterprise platform that both protects databases in real-time and automates the entire compliance auditing process.

Guardium and S-GATE are trademarks of Guardium, Inc. All product and company names herein may be trademarks of their registered owners.

Media Contacts:
Hazel Butters or Ellie Turner
Prompt Communications on behalf of Guardium
Tel: 020 8996 1650/ 07780 687813

* * “IBM Internet Security Systems X-Force® 2008 Trend & Risk Report,” IBM Global Technology Services, Jan. 2009.
**“The Total Economic Impact of Guardium Database Monitoring, Security and Auditing,” commissioned case study by Forrester Consulting, Jan. 2008.

This press release was distributed by ResponseSource Press Release Wire on behalf of Prompt Communications Ltd in the following categories: Computing & Telecoms, for more information visit