Hello, again, and welcome back. We have investigated the motivations, challenges, and pitfalls of data security and protection, and discussed the top capabilities of a good data security solution. In this video, we will explore IBM Security Guardium, IBM solution to achieve smarter data security with visibility, automation, and scalability. We will talk about IBM Security Guardium Data Encryption, and IBM Security Key Lifecycle Manager. We will also visit the IBM Security Learning Academy and look at two labs for future learning. Guardium is a powerful data security and compliance solution that supports a staged implementation. This allows customers to implement increasing functionality, starting with the most urgent issues and growing to expand coverage. Customers can start with basic and acute compliance needs such as data access reports required by auditors or regulation. Then they can expand coverage to other sensitive platforms, control and monitor the access of privileged administrators, seek out sensitive data throughout the enterprise, and create a comprehensive strategy to protect that data. Guardium helps you protect data against unauthorized access, ensure data privacy, identify risk, and reduce the cost of compliance. Guardium addresses data sources on-premise or in the Cloud. It works with database servers, distributed data repositories, and unstructured data such as sensitive documents and files. Guardium provides the following capabilities: database discovery and classification, unstructured data discovery and classification, vulnerability assessment, real-time database access monitoring, real-time unstructured data monitoring, real-time alerting, blocking, masking, session termination, quarantining, and query rewriting actions, built-in and custom reporting, compliance workflow automation, out of the box and custom reporting, compliance accelerators for industry regulations and standards including GDPR, SOX, Basel II, and HIPAA, configuration auditing, and active threat analytics. Guardium provides a complete solution to a company's monitoring needs. It uses few database server resources, typically three percent to five percent CPU utilization reducing the impact on the database system operations. Guardium is implemented such that database administrators and privileged database users with high levels of access to the data itself have no access to Guardium. Because Guardium intercepts database queries before they reach the database and intercepts query results before they are passed to the requester. Data access can be blocked or reported and data can be masked. Guardium works consistently in heterogeneous database environments. This allows for standardization of policies, procedures in which data is collected and reported on. Additionally, a single Guardium system can monitor and manage the security of different vendor database products. Guardium can also monitor Amazon AWS, RDS database engines. To provide heterogeneous support for databases and applications, Guardium uses host-based probes by a distributed agent called the S-TAP. This provides lightweight cross platform support. Because the S-TAP agent runs on database servers at a low level below the databases and applications, all access is monitored unlike network monitoring which does not detect activity running solely on the database server. For example, a privileged user working locally on the server console will not be detected by any solution that only monitors network traffic, but would be detected and could be monitored or even blocked by Guardium. Also because S-TAP runs at a level below the database in application, no changes to the database or applications are required when you install S-TAP. Separate collector and aggregate or appliances provide most of the resource intensive processing allowing the database servers themselves to run with a minimum of interference. Activity is logged in real-time and is immediately available for alerting or reporting. Additionally, the strings are parsed into smaller data elements so that activity information is easier to categorize and build reports on. Parsing is done in real-time by default, they can be deferred to a later time for resource utilization issues, alerts happen in real-time. Guardium uses a tiered hierarchy of collectors, aggregators, and a central manager. Collectors gather and parse activity about sensitive data from data repositories, provide real-time analysis, and store it for further processing. A Guardium implementation has at least one and generally many more than one collector. Aggregators collect and merge information from multiple collectors. This provides an enterprise view of sensitive data operations. Guardium implementations with more than a few collectors have one or more aggregators. A Guardium environment has one central management system which controls and monitors all collectors and aggregators in that environment, and provides a holistic view through a single console. Centralized management provides uniformity of policies which can be created once and distributed to many diverse endpoints. Centralized aggregation gathers data security information from distributed sources for unified processing, storage, and reporting. Heterogeneous data source support provides similar security capabilities for different sorts of data repositories. IBM Security Guardium Data Encryption is an integrated suite of highly-scalable products. It helps minimize risk and reduce operational costs of encryption key management. It provides encryption for files, databases, applications, and Cloud container data. It also provides tokenization in Cloud key management capabilities, including key storage, rotation, and life cycle management. It will secure data assets across the enterprise, including Cloud, virtual, big data, and on-premise environments. It provides support for regulatory compliance efforts. IBM Security Key Lifecycle Manager provides encryption key management capabilities. It supports multi-master clustering allowing synchronization and real-time delivery of keys to increase flexibility and ease of use. It simplifies security key lifecycles including generation, distribution, and lifecycle management reducing costs. It can be simply insecurely integrated with IBM storage systems. Finally, I would like to draw your attention to some Guardium labs available on the IBM Security Learning Academy, at www.securitylearningacademy.com. Let us examine the Guardium area of the academy. There are roadmaps for getting started with Guardium, for Guardium users and for Guardium administrators. These roadmaps are excellent stepping off points for building on what you have learned in this video series. Two excellent labs are here. Guardium database vulnerability assessment is a foundational level course. It contains an explanatory video, a lab guide, and a virtual lab environment. Returning to the roadmap, another excellent lab is creating a Guardium query and report. It has a lab guide and a virtual lab environment. In summary, we have discussed IBM Security Guardium products and previewed the Guardium section of the IBM Security Learning Academy. Thank you for your time and attention.
